exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

CA Spectrum 10.1.x / 10.2.x Denial Of Service

CA Spectrum 10.1.x / 10.2.x Denial Of Service
Posted May 3, 2018
Authored by Kevin Kotas | Site www3.ca.com

CA Technologies Support is alerting customers to a potential risk with CA Spectrum. A vulnerability exists that can allow an unauthenticated remote attacker to cause a denial of service. CA has solutions to resolve the vulnerability. The vulnerability occurs due to how a Spectrum network service handles invalid data. A remote attacker can send a request that may disrupt a Spectrum service and potentially cause further product instability.

tags | advisory, remote, denial of service
advisories | CVE-2018-6589
SHA-256 | c42461b24c68708141823de35f39bffa1179f622bd996847c2c2cea9ae1ef49a

CA Spectrum 10.1.x / 10.2.x Denial Of Service

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

CA20180501-01: Security Notice for CA Spectrum

Issued: May 1st, 2018
Last Updated: May 1st, 2018

CA Technologies Support is alerting customers to a potential risk
with CA Spectrum. A vulnerability exists that can allow an
unauthenticated remote attacker to cause a denial of service. CA has
solutions to resolve the vulnerability.

The vulnerability, CVE-2018-6589, occurs due to how a Spectrum
network service handles invalid data. A remote attacker can send a
request that may disrupt a Spectrum service and potentially cause
further product instability.

Risk Rating

CVE Identifier
Risk Rating

CVE-2018-6589
High

Platform(s)

All

Affected Products

CA Spectrum 10.1.x
CA Spectrum 10.2.x

Unaffected Products

CA Spectrum 10.2.3

How to determine if the installation is affected

Use one of the below methods to find the CA Spectrum product version:
1. CA OneClick Console: Click on Help -> About
2. Open the Spectrum Console Panel on the SpectroServer and click on
Help -> About
3. On SpectroServer: Go to the Spectrum install directory, open the
.installrc file and find the "VERSION"

Solution

CA Technologies published the following solutions to resolve the
vulnerability.

CA Spectrum 10.1.x:
Apply 10.01.02.PTF_10.1.239

CA Spectrum 10.2.x:
Update to CA Spectrum 10.2.3

References

CVE-2018-6589 - CA Spectrum Denial of Service

Acknowledgement

CVE-2018-6589 - Francesco Scibetta

Change History

Version 1.0: Initial Release

Customers who require additional information about this notice may
contact CA Technologies Support at https://support.ca.com/

To report a suspected vulnerability in a CA Technologies product,
please send a summary to CA Technologies Product Vulnerability
Response at vuln <AT> ca.com

Security Notices and PGP key
support.ca.com/irj/portal/anonymous/phpsbpldgpg
www.ca.com/us/support/ca-support-online/documents.aspx?id=177782

Regards,

Kevin Kotas
Vulnerability Response Director
CA Technologies Product Vulnerability Response

Copyright (c) 2018 CA. 520 Madison Avenue, 22nd Floor, New York, NY
10022. All other trademarks, trade names, service marks, and logos
referenced herein belong to their respective companies.

-----BEGIN PGP SIGNATURE-----
Charset: utf-8

wsFVAwUBWuiPK8Mr2sgsME5lAQrSFw/+ODt5YOFxRR5DpqYceXD+632QlKciImVE
11weVg55o11K7ZvLuQfKvfOl1C0DIwXuiwsCg29EdVGaoSYYhXHeHBw7k3tYhGLp
eea45ha0ZPBtl31IYZbloyOZtCOG1RwZFiHXoC8YnBC4Y0MSeY3pwGCKzSlgvkMg
mqYw+s9nRr24hO6cSWYLQAgxtvjL3b/oX5UMbCiAlzBg7oVkiAqvjnka4f+fY4+r
2HzH05vy0JFD7hTVRROUimlZ3yy2HjbWj/UHcCZdm/5q5qrIVMHnIK3jfV7TjF90
+neTCG2xUR+0Xd9KBct2hqRtvEH1kiJ8stWx7zDhTaRUjQVBVfG3gizE+MCDljrN
ngj8K2uOw8cvDBrj2n8rR7QZ5x8LrfTMs3yMW4ori+RYlWK1GkI/jRi4Y6qJLSrk
+rrlEPxGR0P74eWAgNvZPka1M92D8zpBUvIIbnZLJMGkIdf5/cmDvCwxP0dQzO16
DrbdffuTUNyS4DdpglFoTKNYq2hN3KJgkiJLdp8kekDlflSG5BRP5t9vpJZkxcfX
DywbVRkPgf9wJyvqweaDBAU3CI4Z8KlifbuPiO0pbv85tO602zUlWs00BaLp3b9a
75UTWUVTrJ75sgbNbMrHq/JZ/nZPvEapXkMU/Ka5Dw/6AXb6Dc7kWTA0XXNDBpe6
dLWBxdURIKg=
=QbR0
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close