CA20121205-01 Security Notice for CA XCOM Data Transport on Unix and Linux - CA Technologies

CA20121205-01: Security Notice for CA XCOM Data Transport on Unix and Linux

Issued: December 05, 2012

CA Technologies Support is alerting customers to a potential risk with CA XCOM Data Transport. A vulnerability exists that can allow a remote attacker to execute arbitrary commands. CA Technologies has issued patches to address the vulnerability.

The vulnerability, CVE-2012-5973, occurs due to insufficient verification of requests. A remote attacker can send a carefully constructed request to execute arbitrary commands and compromise the server.

Risk Rating

High

Platforms

Unix
Linux

Affected Products

The following CA XCOM Data Transport releases for Linux and UNIX platforms are affected:

CA XCOM Data Transport r11.5
     CA XCOM Data Transport for Linux PC
     CA XCOM Data Transport for HP/UX
     CA XCOM Data Transport for HP-UX IA64

CA XCOM Data Transport r11.0
     CA XCOM Data Transport for AIX
     CA XCOM Data Transport for AIX Brixton
     CA XCOM Data Transport for Digital UNIX
     CA XCOM Data Transport for HP/UX
     CA XCOM Data Transport for HP-UX IA64
     CA XCOM Data Transport for Linux PC
     CA XCOM Data Transport for Linux zSeries
     CA XCOM Data Transport for NCR UNIX MP-RAS
     CA XCOM Data Transport for SCO OpenServer
     CA XCOM Data Transport for SCO UnixWare
     CA XCOM Data Transport for Sun Solaris Brixton
     CA XCOM Data Transport for Sun Solaris Operating System
     CA XCOM Data Transport for Sun Solaris X86

Non-Affected Products

All CA XCOM Data Transport r11.6 for Linux and UNIX platforms

All versions of CA XCOM Data Transport for non-Linux and non-UNIX platforms, which include:

CA XCOM Data Transport for AS/400 i5/OS
CA XCOM Data Transport for AS/400 i5/OS CISC
CA XCOM Data Transport for HP NonStop
CA XCOM Data Transport for HP NonStop IA64
CA XCOM Data Transport for LAN Server NetWare
CA XCOM Data Transport for LAN Workstation for OS/2
CA XCOM Data Transport for LAN Workstation for Windows
CA XCOM Data Transport for OpenVMS
CA XCOM Data Transport for OpenVMS Alpha
CA XCOM Data Transport for OpenVMS I64
CA XCOM Data Transport for OpenVMS VAX
CA XCOM Data Transport for OS/2 Workstation
CA XCOM Data Transport for PC-DOS Workstation
CA XCOM Data Transport for Stratus CISC
CA XCOM Data Transport for Stratus Continuum
CA XCOM Data Transport for Stratus RISC
CA XCOM Data Transport for VAX
CA XCOM Data Transport for Windows Family Professional
CA XCOM Data Transport for Windows Family Server
CA XCOM Data Transport for z/OS
CA XCOM Data Transport for z/VM
CA XCOM Data Transport for z/VSE
CA XCOM Data Transport for z/VSE CICS
CA XCOM Data Transport Gateway
CA XCOM Data Transport Management Center

How to determine if the installation is affected

  1. From a command prompt, issue the following command:
    xcomd -r
  2. Any CA XCOM Data Transport for Linux/UNIX installation that reports a release level below the following level(s) is affected:

For CA XCOM Data Transport r11.5 SP00 versions:
     CA XCOM Data Transport r11.5 12090 SP00

For CA XCOM Data Transport r11.0 SP01 versions:
     CA-XCOM Data Transport Version r11 0603W SP01

For CA XCOM Data Transport r11.0 SP02 versions:
     CA-XCOM Data Transport Version r11 0812J SP02
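The check above compares the release level reported by `xcomd -r` with the fixed levels listed. The following script, added here as an example and not CA's own tooling, performs that comparison. It assumes that the banner contains the release string in the form shown on this page (for example "CA XCOM Data Transport r11.5 12090 SP00" or "CA-XCOM Data Transport Version r11 0603W SP01"); the full output format of `xcomd -r` is not given on the page, so the function takes the banner text as input, and the build token is compared lexicographically, which is an assumption about how CA orders these build identifiers.

```python
import re
import subprocess

# Fixed release levels from the advisory (CA20121205-01). Anything below
# the listed build for the same release/service pack is affected.
FIXED_LEVELS = {
    ("r11.5", "SP00"): "12090",   # "CA XCOM Data Transport r11.5 12090 SP00"
    ("r11", "SP01"): "0603W",     # "CA-XCOM Data Transport Version r11 0603W SP01"
    ("r11", "SP02"): "0812J",     # "CA-XCOM Data Transport Version r11 0812J SP02"
}

# Release string as it appears on the page: release, build token, service pack.
# The exact banner layout of `xcomd -r` is assumed, not taken from the page.
VERSION_RE = re.compile(r"\b(r11(?:\.\d)?)\s+(\d{4,5}[A-Z]?)\s+(SP\d{2})\b")


def parse_release(banner: str):
    """Return (release, build, service_pack) or None if no release string is found."""
    m = VERSION_RE.search(banner)
    if not m:
        return None
    return m.group(1), m.group(2), m.group(3)


def assess(banner: str) -> str:
    """Classify a banner as 'affected', 'patched', 'not affected' or 'unknown'."""
    # The advisory states that all r11.6 Linux/UNIX releases are not affected.
    if re.search(r"\br11\.6\b", banner):
        return "not affected"
    parsed = parse_release(banner)
    if parsed is None:
        return "unknown"
    release, build, sp = parsed
    fixed = FIXED_LEVELS.get((release, sp))
    if fixed is None:
        # Release/service-pack combination not listed on the page: do not guess.
        return "unknown"
    # Assumption: build tokens order lexicographically within one release/SP.
    return "affected" if build < fixed else "patched"


def installed_release() -> str:
    """Run `xcomd -r` on this host and assess the result (hypothetical helper)."""
    try:
        out = subprocess.run(["xcomd", "-r"], capture_output=True, text=True, check=False)
    except FileNotFoundError:
        return "unknown"
    return assess(out.stdout + out.stderr)


if __name__ == "__main__":
    print(installed_release())
```

Run it on each Linux/UNIX host that runs CA XCOM Data Transport; any "unknown" result means the banner did not match the assumed layout and should be compared with the release levels above by hand.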

Solution

CA Technologies has issued the following patches to address the vulnerability.

CA XCOM Data Transport r11.5:
     CA XCOM Data Transport for Linux PC
          SP00 - RO52253
     CA XCOM Data Transport for HP/UX
          SP00 - RO52259
     CA XCOM Data Transport for HP-UX IA64
          SP00 - RO52261

CA XCOM Data Transport r11.0:
     CA XCOM Data Transport for AIX
          SP02 - RO52265
          SP01 - RO52264
     CA XCOM Data Transport for AIX Brixton
          SP02 - RO52265
          SP01 - RO52264
     CA XCOM Data Transport for Digital UNIX
          SP01 - RO52257
     CA XCOM Data Transport for HP/UX
          SP02 - RO52258
          SP01 - RO52587
     CA XCOM Data Transport for HP-UX IA64
          SP02 - RO52260
     CA XCOM Data Transport for Linux PC
          SP01 - RO52252
     CA XCOM Data Transport for Linux zSeries
          SP01 - RO52254
     CA XCOM Data Transport for NCR UNIX MP-RAS
          SP01 - RO52256
     CA XCOM Data Transport for SCO OpenServer
          SP01 - RO52266
     CA XCOM Data Transport for SCO UnixWare
          SP01 - RO52269
     CA XCOM Data Transport for Sun Solaris Brixton
          SP02 - RO52268
          SP01 - RO52267
     CA XCOM Data Transport for Sun Solaris Operating System
          SP02 - RO52268
          SP01 - RO52267
     CA XCOM Data Transport for Sun Solaris X86
          SP01 - RO52255

Workaround

Set the CA XCOM global parameter XENDCMD to an empty value (XENDCMD=) in the xcom.glb file.
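The following script, added here as an example and not part of the advisory or of CA's product, checks whether the workaround is in place in an xcom.glb file and rewrites the file so that XENDCMD is blank. It assumes that xcom.glb is a plain text file of NAME=VALUE lines with "#" comments; that layout is not described on this page. The sample configurations in the test are constructed.

```python
import re

# Matches an active (uncommented) XENDCMD assignment; assumed xcom.glb syntax.
XENDCMD_LINE = re.compile(r"^\s*XENDCMD\s*=", re.IGNORECASE)


def parse_glb(text: str) -> dict:
    """Parse NAME=VALUE lines into a dict; blank lines and '#' comments are ignored."""
    params = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        name, _, value = line.partition("=")
        params[name.strip().upper()] = value.strip()
    return params


def workaround_state(text: str) -> str:
    """'applied' if XENDCMD is present and empty, 'not applied' if it has a value,
    'missing' if there is no active XENDCMD line (including a commented-out one)."""
    params = parse_glb(text)
    if "XENDCMD" not in params:
        return "missing"
    return "applied" if params["XENDCMD"] == "" else "not applied"


def apply_workaround(text: str) -> str:
    """Return the configuration with every active XENDCMD line replaced by 'XENDCMD='.
    If no active line exists, 'XENDCMD=' is appended."""
    out = []
    replaced = False
    for raw in text.splitlines():
        if XENDCMD_LINE.match(raw):
            out.append("XENDCMD=")
            replaced = True
        else:
            out.append(raw)
    if not replaced:
        out.append("XENDCMD=")
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    import sys
    path = sys.argv[1] if len(sys.argv) > 1 else "xcom.glb"
    with open(path) as fh:
        original = open(path).read()
    print(workaround_state(original))
```

Keep a copy of the original xcom.glb before writing the result of apply_workaround back, and re-run workaround_state on every host after the patch from the Solution section has been applied to confirm the expected configuration.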

References

CVE-2012-5973 - XCOM DT remote command execution

Acknowledgement

CVE-2012-5973 - Jurgens van der Merwe and Junaid Loonat from SensePost

Change History

Version 1.0: Initial Release

If additional information is required, please contact CA Technologies Support at https://support.ca.com/.

If you discover a vulnerability in CA Technologies products, please report your findings to the CA Technologies Product Vulnerability Response Team.
