|
Brought to you by:
Suppliers of:
|
|
|
| |
| Computer Associates iGateway contains a buffer overflow vulnerability that allows remote attackers to execute arbitrary code. |
| |
Credit:
The information has been provided by Williams, James K.
The original article can be found at: http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33485
|
| |
Vulnerable Systems:
* iGateway component versions 4.0.050615 and prior
* BrightStor ARCserve Backup version r11.5
* BrightStor ARCserve Backup version r11.1
* BrightStor ARCserve Backup for Windows version r11
* BrightStor Enterprise Backup version 10.5
* BrightStor ARCserve Backup version 9.01
* BrightStor ARCserve Backup Laptop & Desktop version r11.1
* BrightStor ARCserve Backup Laptop & Desktop version r11
* BrightStor Process Automation Manager version r11.1
* BrightStor SAN Manager version r11.1
* BrightStor SAN Manager version r11.5
* BrightStor Storage Resource Manager version r11.5
* BrightStor Storage Resource Manager version r11.1
* BrightStor Storage Resource Manager version 6.4
* BrightStor Storage Resource Manager version 6.3
* BrightStor Portal version 11.1
* eTrust Audit version 1.5 SP2 (iRecorders and ARIES)
* eTrust Audit version 1.5 SP3 (iRecorders and ARIES)
* eTrust Audit version 8.0 (iRecorders and ARIES)
* eTrust Admin version 8.0
* eTrust Admin version 8.1
* eTrust Identity Minder version 8.0
* eTrust Secure Content Manager (SCM) version R8
* eTrust Web Service Security version R8
* eTrust Integrated Threat Management (ITM) version R8
* Unicenter CA Web Services Distributed Management version R11
* Unicenter AutoSys JM version R11
* Unicenter Management for WebLogic / Management for WebSphere version R11
* Unicenter Service Delivery version R11
* Unicenter Service Level Management (USLM) version R11
* Unicenter Application Performance Monitor version R11
* Unicenter Service Desk version R11
* Unicenter Service Desk Knowledge Tools version R11
* Unicenter Service Fulfillment version 2.2
* Unicenter Service Fulfillment version R11
* Unicenter Asset Portfolio Management version R11
* Unicenter Service Matrix Analysis version R11
* * Unicenter Service Catalog/Fulfillment/Accounting version R11
* Unicetner MQ Management version R11
* Unicenter Application Server Managmenr version R11
* Unicenter Web Server Management version R11
* Unicenter Exchange Management version R11
The Computer Associates iGateway common component, which is included with several CA products for UNIX/Linux/Windows platforms, contains a buffer overflow vulnerability that could allow remote attackers to execute arbitrary code on Windows platforms, or cause iGateway component failure (denial of service) on UNIX and Linux. The vulnerability is due to improper bounds checking on HTTP GET requests by the iGateway component when debug mode is enabled.
A non-standard install of the iGateway component is required to expose this vulnerability. Typically, the embedded iGateway component is part of a non-interactive installation process.
Consequently, most systems (those that utilize the default installation procedure) are not at risk.
If a non-standard install WAS performed, the iGateway component is still unlikely to be vulnerable to this exploit, because the flaw is only exposed if the component has been manually configured to run with diagnostic debug tracing enabled.
Configuring the component to run in debug mode requires administrative access to configuration files that reside on the machine, and also requires that the iGateway service be stopped and restarted by someone with administrative service privileges.
Configuring the iGateway service to operate in debug mode is typically performed only at the direction of Computer Associates support personnel who are working with a customer to troubleshoot potential support issues.
Workaround:
Do not operate the iGateway component in debug diagnostic trace mode. To ensure that you are not running iGateway in debug mode, look for the "Debug" parameter in your igateway.conf file, and make sure that it is set to "False" (i.e. <Debug>False</Debug>).
To determine the version number of the iGateway component, browse to the igateway directory and check the version listed in the igateway.conf file.
On Windows, this is %IGW_LOC%
Default path for v3.*: C:\Program Files\CA\igateway
Default path for v4.*: C:\Program Files\CA\SharedComponents\iTechnology
On UNIX,
Default path for v3.*: /opt/CA/igateway
Default path for v4.*: the install directory path is contained in opt/CA/SharedComponents/iTechnology location. The default path is /opt/CA/SharedComponents/iTechnology.
Look at the <Version> element in igateway.conf.
The versions are affected by this vulnerability if you see a value LESS THAN the following:
<Version>4.0.050615</Version> (note the format of v.s.YYMMDD)
Vendor Status:
The vendor has issued a fix for the issue available at: http://supportconnect.ca.com
CVE Information:
CAN-2005-3190
OSVDB Information:
http://www.osvdb.org/displayvuln.php?osvdb_id=19920
|
|
|
|
|
