CA20111116-01 Security Notice for CA Directory - CA Technologies

CA20111116-01: Security Notice for CA Directory

Issued: November 16, 2011
Last Updated: November 22, 2011

CA Technologies Support is alerting customers to a potential risk with CA Directory. A vulnerability exists that can allow a remote attacker to cause a denial of service condition. Remediation is available to address the vulnerability.

The vulnerability, CVE-2011-3849, occurs due to insufficient bounds checking. A remote attacker can send an SNMP packet that can cause a crash.

Risk Rating

High

Platform

All

Affected Products

CA Directory r12 SP1-SP7
CA Directory 8.1

CA products that bundle CA Directory with the installation media:

CA Identity Manager
CA SiteMinder
CA Single Sign-On
CA DLP
CA Clarity PPM
CA Embedded Entitlements Manager 8.4.409 (8.4 SP4 CR09) and prior

Note: CA Embedded Entitlements Manager is distributed with the following products:

  • CA Aion
  • CA APM
  • CA Asset Portfolio Management
  • CA Audit
  • CA Automation Suite for Data Centers
  • CA Client Automation
  • CA Configuration Automation
  • CA Directory
  • CA eHealth
  • CA Infrastructure Management
  • CA Introscope
  • CA IT Asset Manager
  • CA Process Automation
  • CA Service Catalog
  • CA Service Desk Manager
  • CA Service Metric Analysis
  • CA Service Operations Insight
  • CA Software Compliance Manager
  • CA User Activity Reporting Module
  • CA Virtual Automation
  • CA Virtual Automation for IM
  • CA Workflow
  • CA Workload Automation
  • CA Workload Control Center
  • CA XCOM Data Transport Gateway
  • CA XCOM Data Transport Management Center

Depending on how the individual product is implemented, CA Directory may or may not be used by default when CA Embedded Entitlements Manager is installed. If you have installed one of the products in this list, refer to the product's installation or implementation guide for specific details concerning CA Directory.

Non-Affected Products

CA Directory r12 SP7 CR1 and later
CA Embedded Entitlements Manager r12

How to determine if the installation is affected

CA Directory

Verify the version of dxserver by running the command "dxserver version" on the command line. All versions prior to version 6279 are affected.

CA Embedded Entitlements Manager

See the Solution section to determine if the installation is vulnerable.

Solution

CA Directory

For CA Directory, upgrade to SP7 CR1 (build 6279):

CA Directory Solutions & Patches
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7BED89688A-C7A2-4FE9-85D9-1272D345A658%7D

CA Embedded Entitlements Manager

For products that include CA Embedded Entitlements Manager 8.4.409 (8.4 SP4 CR09) and prior, use the following instructions to remediate the vulnerability:

Steps to Secure EEM Servers with Directory SNMP Vulnerability
https://support.ca.com/us/services-support/ca-support/ca-support-online/product-content/recommended-reading/security-notices/steps-to-secure-eem-servers-with-directory-snmp-vulnerability.html

Workaround

The vulnerability is related to CA Directory parsing of SNMP packets. To mitigate the risk, the SNMP port can be disabled by removing the "snmp-port = <PORT>" line from the DSA's knowledge configuration section.
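The two checks above (the "dxserver version" build test and the "snmp-port" line in the DSA knowledge configuration) can be combined into one audit. The following is an added example, not code from CA Technologies; it assumes that the "dxserver version" output contains the build number after the word "build", that the knowledge file uses "#" for comments, and both sample inputs are constructed.

```python
import re
from typing import Optional

# Constructed sample of "dxserver version" output (the exact wording of the
# real command is an assumption; only the build number matters here).
SAMPLE_VERSION_OUTPUT = "dxserver r12.0 SP7 build 6150\n"

# Constructed DSA knowledge fragment in the style of a .dxc file (assumption).
SAMPLE_KNOWLEDGE = """\
set dsa "democorp" =
{
    prefix        = <c AU><o Democorp>
    dsa-name      = <c AU><o Democorp><cn "DSA">
    address       = tcp "localhost" port 19389
    snmp-port     = 19389
    auth-levels   = clear-password
};
"""

FIXED_BUILD = 6279  # CA Directory r12 SP7 CR1, per the notice


def parse_build(version_output: str) -> Optional[int]:
    """Extract the dxserver build number; None if no number is present."""
    m = re.search(r"\bbuild\s+(\d+)", version_output, re.IGNORECASE)
    if m:
        return int(m.group(1))
    # Fallback: largest 4+ digit integer in the output (format assumption).
    nums = [int(n) for n in re.findall(r"\b(\d{4,})\b", version_output)]
    return max(nums) if nums else None


def is_vulnerable_build(version_output: str) -> bool:
    """Builds before 6279 are affected; an unparseable build is treated as affected."""
    build = parse_build(version_output)
    return build is None or build < FIXED_BUILD


def snmp_port_lines(knowledge_text: str) -> list:
    """Return (line_number, port) for every active snmp-port setting."""
    found = []
    for lineno, line in enumerate(knowledge_text.splitlines(), start=1):
        stripped = line.split("#", 1)[0].strip()  # drop trailing comments
        m = re.match(r"snmp-port\s*=\s*(\d+)\s*;?$", stripped)
        if m:
            found.append((lineno, int(m.group(1))))
    return found


def assess(version_output: str, knowledge_text: str) -> dict:
    """Exposed only when the build is affected AND an SNMP port is configured."""
    ports = snmp_port_lines(knowledge_text)
    vulnerable = is_vulnerable_build(version_output)
    return {"build": parse_build(version_output), "vulnerable_build": vulnerable,
            "snmp_ports": ports, "exposed": vulnerable and bool(ports)}


if __name__ == "__main__":
    print(assess(SAMPLE_VERSION_OUTPUT, SAMPLE_KNOWLEDGE))
```

Lines reported by snmp_port_lines are the ones to remove for the workaround; an "exposed" result of False after the upgrade confirms the build check alone is sufficient.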

References

CVE-2011-3849 - CA Directory denial of service

Acknowledgement

CVE-2011-3849 - nabCERT, National Australia Bank

Change History

Version 1.0: Initial Release
Version 1.1: Added XCOM products, updated workaround solution

If additional information is required, please contact CA Technologies Support at https://support.ca.com.

If you discover a vulnerability in CA Technologies products, please report your findings to the CA Technologies Product Vulnerability Response Team.
