[<prev] [next>] [day] [month] [year] [list]
Message-ID: <1335FF3F144C424F839EFBA7AD8A56E00B9B42F3@USILMS12.ca.com>
Date: Wed, 13 Apr 2011 17:26:59 -0400
From: "Kotas, Kevin J" <Kevin.Kotas@...com>
To: <full-disclosure@...ts.grok.org.uk>
Subject: CA20110413-01: Security Notice for CA Total
Defense
-----BEGIN PGP SIGNED MESSAGE-----
CA20110413-01: Security Notice for CA Total Defense
Issued: April 13, 2011
CA Technologies support is alerting customers to security risks with
CA Total Defense. Multiple vulnerabilities exist that can allow a
remote attacker to possibly execute arbitrary code. CA issued an
automatic update to address the vulnerabilities.
The first set of vulnerabilities, CVE-2011-1653, are due to
insufficient handling of certain request parameters. A remote
attacker can use various SQL injection attacks to potentially
compromise the Unified Network Control (UNC) Server.
The second vulnerability, CVE-2011-1654, occurs due to insufficient
handling of file upload parameters. A remote attacker can upload a
file and use it to execute arbitrary code on the Total Defense
Management Server.
The third vulnerability, CVE-2011-1655, is due to insufficient
protection of sensitive information. A remote attack can acquire
account credentials and take privileged action on the Unified Network
Control (UNC) Server.
Risk Rating
High
Platform
Windows
Affected Products
CA Total Defense r12
Non-Affected Products
CA Total Defense r12 SE2
How to determine if the installation is affected
These Total Defense components will be updated to the following
versions once SE2 is installed:
TD Management Server Core: 12.0.0.621
UNC: 12.0.0.622
If either component is not updated to the specified version or later,
the installation may be vulnerable.
Solution
Install the SE2 update. If content updates are enabled, the update
will happen automatically. The update was made available April 4,
2011.
See the following announcement for more information:
CA Total Defense r12 SE2 Content Update is Now Available
(url line wraps)
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={6
C750E92-D109-4F7D-BA41-8D468B2E31B1}
References
CVE-2011-1653 - Total Defense SQL injections
CVE-2011-1654 - Total Defense file upload
CVE-2011-1655 - Total Defense credential exposure
CA20110413-01: Security Notice for CA Total Defense
(url line wraps)
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={C
D065CEC-AFE2-4D9D-8E0B-BE7F6E345866}
Acknowledgement
CVE-2011-1653, CVE-2011-1654, CVE-2011-1655 - Andrea Micalizzi
through the TippingPoint ZDI
Change History
Version 1.0: Initial Release
If additional information is required, please contact CA Technologies
Support at http://support.ca.com/.
If you discover a vulnerability in CA Technologies products, please
report your findings to the CA Technologies Product Vulnerability
Response Team.
(url line wraps)
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=17
7782
Regards,
Kevin Kotas
CA Product Vulnerability Response Team
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1
iQEVAwUBTaYTCZI1FvIeMomJAQFCSwgAttFjeDwbHrVyTNtO3ZhYkpphbszMUOVT
JfOGb9vX9tzBa+u09OFRyAZic15zxzq6ilJzdwRqo5c1IXi+m4lOS6D1C5zrCIoA
ZMo9EAmhTNROEoTAY6sEegapA+yTykcNXwmFygYu3vHqCbNhl0JZqjOgrm+563FL
R3zxfjxX6SGUaEGkdVoluUHIEwK+nGGEQ8cLW5cI0unRwerewOwvBj9gwraodmAF
frjl7A4O7VYtHgfNoVDBKqsff8cvlzNSNTx1xma+p0MT9j7wvggI6c3hCKoua4dz
n4uEP7i0QeMH5V9HqeFUduz3cGCBdlXbMEht7psUBadtE9+cOsrLgA==
=W8ut
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists