On September 26th, 2007 CA published a security notice to address multiple vulnerabilities in CA BrightStor Hierarchical Storage Manager.
Title: [CAID 35690, 35691, 35692]: CA BrightStor Hierarchical Storage Manager CsAgent Multiple Vulnerabilities
CA Vuln ID (CAID): 35690, 35691, 35692
CA Advisory Date: 2007-09-26
Reported By: Sean Larsson, iDefense Labs; an anonymous researcher working with the iDefense VCP; Aaron Portnoy of DV Labs (dvlabs.tippingpoint.com)
Impact: A remote attacker can execute arbitrary code or cause a denial of service condition.
Summary: Multiple vulnerabilities exist in the CsAgent service that can allow a remote attacker to execute arbitrary code or cause a denial of service condition. The first set of vulnerabilities, CVE-2007-5082, occurs due to insufficient bounds checking in multiple CsAgent service commands. The second set of vulnerabilities, CVE-2007-5083, occurs due to insufficient validation of integer values in multiple CsAgent service commands, which can lead to buffer overflow. The third set of vulnerabilities, CVE-2007-5084, occurs due to insufficient validation of strings used in SQL statements in multiple CsAgent service commands.
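The first two vulnerability classes in the summary (insufficient bounds checking, and unvalidated integer values that drive a copy) share one defensive pattern: a length field received from the network must be checked against both the destination buffer and the number of bytes actually received before any copy. The following C parser is an added example, not CA's code and not the CsAgent protocol; the record layout ([u16 opcode][u32 name_len][name bytes]), the status codes and the helper names are all constructed for illustration. It shows the checks a service-side command parser needs, including the ordering that keeps a huge length value from wrapping the size arithmetic.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed record layout for this example (NOT the CsAgent wire format):
 *   [u16 opcode, little-endian][u32 name_len, little-endian][name_len bytes]
 * The length field arrives from the network and must be treated as hostile. */
#define CMD_HEADER_LEN 6
#define CMD_NAME_MAX   64

enum parse_status {
    PARSE_OK = 0,
    PARSE_TRUNCATED,          /* fewer bytes than a header needs */
    PARSE_LEN_TOO_LARGE,      /* length field exceeds the destination buffer */
    PARSE_LEN_EXCEEDS_BUFFER  /* length field claims more bytes than were received */
};

struct command {
    uint16_t opcode;
    char name[CMD_NAME_MAX + 1];   /* always NUL-terminated after a successful parse */
};

static uint32_t rd_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Parse one record from buf[0..buf_len). Every copy is bounded by what was
 * actually received and by the fixed-size destination, never by the
 * untrusted length field alone. */
enum parse_status parse_command(const uint8_t *buf, size_t buf_len, struct command *out)
{
    if (buf_len < CMD_HEADER_LEN)
        return PARSE_TRUNCATED;

    uint16_t opcode = (uint16_t)(buf[0] | (buf[1] << 8));
    uint32_t name_len = rd_le32(buf + 2);

    /* Destination bound: reject before any arithmetic or copy. */
    if (name_len > CMD_NAME_MAX)
        return PARSE_LEN_TOO_LARGE;

    /* Source bound: compare against the remaining bytes rather than computing
     * CMD_HEADER_LEN + name_len, so a huge name_len cannot wrap the sum in
     * 32-bit arithmetic. */
    if (name_len > buf_len - CMD_HEADER_LEN)
        return PARSE_LEN_EXCEEDS_BUFFER;

    out->opcode = opcode;
    memcpy(out->name, buf + CMD_HEADER_LEN, name_len);
    out->name[name_len] = '\0';
    return PARSE_OK;
}

/* Build one record. claimed_len is written to the header unchanged, so a
 * caller can construct a record whose length field lies about the payload. */
static size_t build_record(uint8_t *dst, size_t cap, uint16_t opcode,
                           uint32_t claimed_len, const char *payload)
{
    size_t payload_len = strlen(payload);
    if (cap < CMD_HEADER_LEN + payload_len)
        return 0;
    dst[0] = (uint8_t)opcode;              dst[1] = (uint8_t)(opcode >> 8);
    dst[2] = (uint8_t)claimed_len;         dst[3] = (uint8_t)(claimed_len >> 8);
    dst[4] = (uint8_t)(claimed_len >> 16); dst[5] = (uint8_t)(claimed_len >> 24);
    memcpy(dst + CMD_HEADER_LEN, payload, payload_len);
    return CMD_HEADER_LEN + payload_len;
}

static struct command last_parsed;

/* Build a constructed record with the given header length and payload,
 * then parse it; the result is kept in last_parsed for inspection. */
enum parse_status parse_sample(uint32_t claimed_len, const char *payload)
{
    uint8_t rec[256];
    size_t n = build_record(rec, sizeof rec, 0x0001, claimed_len, payload);
    memset(&last_parsed, 0, sizeof last_parsed);
    return parse_command(rec, n, &last_parsed);
}

const char *last_parsed_name(void) { return last_parsed.name; }

int main(void)
{
    static const struct { uint32_t len; const char *payload; } cases[] = {
        { 5, "hello" },            /* honest length: accepted */
        { 6, "hello" },            /* claims one byte more than received */
        { 100, "hello" },          /* larger than the destination */
        { 0xFFFFFFFFu, "hello" },  /* would wrap header + len if added naively */
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("len=%u -> status %d\n", (unsigned)cases[i].len,
               (int)parse_sample(cases[i].len, cases[i].payload));
    return 0;
}
```

The order of the two checks matters: testing the length against the fixed destination first means the subsequent subtraction only runs on values already known to be small, and comparing against the remaining byte count instead of adding the header size avoids the integer wrap that the second vulnerability class in the summary describes. The SQL injection class (CVE-2007-5084) is not covered here; its fix is parameterized statements rather than string concatenation.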
Mitigating Factors:
None
Severity: CA has given these vulnerabilities a maximum risk rating of High.
Affected Products:
CA BrightStor Hierarchical Storage Manager r11.5
Affected Platforms:
Windows
Status and Recommendation:
CA has provided an update to address the vulnerabilities. Upgrade to BrightStor Hierarchical Storage Manager r11.6.
BrightStor Hierarchical Storage Manager r11.6:
http://supportconnectw.ca.com/premium/bstorhsm/downloads/BHSMr11_6.zip
How to determine if the installation is affected:
Run the BrightStor HSM Administrator GUI and open Help->About from the toolbar to view the version. If the version is less than 11.6, the installation is vulnerable.
Workaround: None
References (URLs may wrap):
CA SupportConnect:
http://supportconnect.ca.com/
CA BrightStor Hierarchical Storage Manager CsAgent Security Notice
http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp
Solution Document Reference APARs:
n/a
CA Security Advisor posting:
CA BrightStor Hierarchical Storage Manager CsAgent Multiple Vulnerabilities
http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156444
CA Vuln ID (CAID): 35690, 35691, 35692
http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35690
http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35691
http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35692
Reported By: Sean Larsson, iDefense Labs; an anonymous researcher working with the iDefense VCP; Aaron Portnoy of DV Labs (dvlabs.tippingpoint.com)
iDefense advisory:
Computer Associates BrightStor HSM r11.5 Multiple Vulnerabilities
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=601
ZDI advisory:
TPTI-07-16: CA BrightStor Hierarchical Storage Manager Buffer Overflow Vulnerabilities
http://dvlabs.tippingpoint.com/advisory/TPTI-07-16
TPTI-07-17: CA BrightStor Hierarchical Storage Manager SQL Injection Vulnerabilities
http://dvlabs.tippingpoint.com/advisory/TPTI-07-17
CVE References:
CVE-2007-5082, CVE-2007-5083, CVE-2007-5084
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5082
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5083
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5084
OSVDB References: Pending
http://osvdb.org/
Changelog for this advisory:
v1.0 - Initial Release
Customers who require additional information should contact CA Technical Support at
http://supportconnect.ca.com. For technical questions or comments related to this advisory, please send email to
vuln AT ca DOT com. If you discover a vulnerability in CA products, please report your findings to
vuln AT ca DOT com, or utilize our "Submit a Vulnerability" form. URL:
http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx