SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   CA Service Desk Vendors:   CA
(CA Issues Fix for CA Service Desk Manager) JBoss Seam Input Validation Flaw in Processing JBoss Expression Language Expressions Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1028601
SecurityTracker URL:  http://securitytracker.com/id/1028601
CVE Reference:   CVE-2010-1871   (Links to External Site)
Date:  May 30 2013
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): Manager 12.5, 12.6, 12.7
Description:   A vulnerability was reported in JBoss Seam. A remote user can cause arbitrary code to be executed on the target user's system. CA Service Desk Manager is affected.

A remote user can create HTML containing specially crafted parametrized JBoss Expression Language (EL) expressions that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user.

Meder Kydyraliev of the Google Security Team reported this vulnerability.

Impact:   A remote user can create HTML that, when loaded by the target user, will execute arbitrary code on the target user's system.
Solution:   CA has issued a workaround for CA Service Desk Manager, described in their advisory.

The CA advisory is available at:

https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={2E258599-2A95-4D56-9C0C-BEFA4FB904FE}

Cause:   Input validation error
Underlying OS:  Linux (Red Hat Enterprise), Linux (SuSE), UNIX (AIX), UNIX (Solaris - SunOS), Windows (2003), Windows (2008)

Message History:   This archive entry is a follow-up to the message listed below.
Jul 27 2010 JBoss Seam Input Validation Flaw in Processing JBoss Expression Language Expressions Lets Remote Users Execute Arbitrary Code



 Source Message Contents

Subject:  CA20130528-01: Security Notice for CA Process Automation (CA PAM)

-----BEGIN PGP SIGNED MESSAGE-----

CA20130528-01: Security Notice for CA Process Automation (CA PAM)

Issued: May 28, 2013

CA Technologies support is alerting customers to a vulnerability with
CA Process Automation (CA PAM). The vulnerability, CVE-2010-1871,
occurs in the bundled JBoss Seam component. A remote attacker can
execute arbitrary code.

Risk Rating

High

Platform

All supported platforms

Affected Products

CA Process Automation 4.0
CA Process Automation 4.0 SP1
CA Process Automation 4.1
CA Process Management for Workflows 4.0 SP1
CA Process Management for Workflows 4.1

CA Technologies products that bundle this software include:

CA IT Asset Manager 12.8
CA Server Automation 12.7.1
CA Server Automation 12.8
CA Service Catalog 12.8
CA Service Desk Manager 12.5
CA Service Desk Manager 12.6
CA Service Desk Manager 12.7

How to determine if the installation is affected

To determine whether the Seam component is installed and enabled,
check for the following files. If the files are present, then the
installation may be vulnerable.

Directory
File

<PAM_Home>\server\c2o\deployers
seam.deployer

<PAM_Home>\server\c2o\deployers
webbeans.deployer

<PAM_Home>\server\c2o\deploy
admin-console.war

Solution

CA Technologies issued the following remediation to address the
vulnerability.

For Process Automation 4.0, 4.0 SP1, 4.1 and Process Management for
Workflows 4.0 SP1, 4.1:
Apply the manual remediation steps described in TEC591669.

References

CVE-2010-1871

CA20130528-01: Security Notice for CA Process Automation (CA PAM)
https://support.ca.com/irj/portal/anonymous/phpsbpldgpg

Version 1.0: Initial Release

If additional information is required, please contact CA Technologies
Support at http://support.ca.com/

If you discover a vulnerability in CA Technologies products, please
report your findings to the CA Technologies Product Vulnerability
Response Team:
https://support.ca.com/irj/portal/anonymous/phpsbpldgpg

Regards,

Kevin Kotas
Director, CA Technologies Product Vulnerability Response Team

Copyright (c) 2013 CA. All Rights Reserved. One CA Plaza, Islandia,
N.Y. 11749. All other trademarks, trade names, service marks, and
logos referenced herein belong to their respective companies.

-----BEGIN PGP SIGNATURE-----
Charset: utf-8

wsBVAwUBUaU4FZI1FvIeMomJAQGkgQf+KMl2ia2Wn15Mgd4wpC0pyMelgV5zepEv
zrs5XWIZcMmVughDOPh3Sn0sfGD50+SjkTJOX6T4pUFKa+GMt0KEjvxDEUoP663z
5N7Kj74049STpcofkSq8Rr9UtIGl6//pvP6EVhdhrl65ZEnmyITmsd6jNLvALmL7
EQEyTFwJfAt6zT4hSX3wFO95pozvsGNOQElJnoZcrjPK71EgMXdHJtERHqIxCeKQ
A1d0oWjtQsk5IeCOi79gH2PlIYUt5oWfnrhZqzQ9sYV7u90LKHQzNwKLCbqIrZE3
RQiY1BeQAKXSKd/nrCYDaH8TWBxdpnH28AeHX6zJTAHovzAQVHRDLg==
=9l+r
-----END PGP SIGNATURE-----
 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, SecurityGlobal.net LLC