what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

cadsm-activex.txt

cadsm-activex.txt
Posted Apr 16, 2008
Authored by Ken Williams | Site www3.ca.com

CA products that implement the DSM gui_cm_ctrls ActiveX control contain a vulnerability that can allow a remote attacker to cause a denial of service or execute arbitrary code. The vulnerability is due to insufficient verification of function arguments by the gui_cm_ctrls control. An attacker can execute arbitrary code under the context of the user running the web browser.

tags | advisory, remote, web, denial of service, arbitrary, activex
advisories | CVE-2008-1786
SHA-256 | b63cbfd73b81137d031f97bd4f2406b126e28b710e79acc9de05299b137471b2

cadsm-activex.txt

Change Mirror Download


Title: CA DSM gui_cm_ctrls ActiveX Control Vulnerability


CA Advisory Date: 2008-04-15


Reported By: Greg Linares of eEye Digital Security


Impact: A remote attacker can execute arbitrary code or cause a
denial of service condition.


Summary: CA products that implement the DSM gui_cm_ctrls ActiveX
control contain a vulnerability that can allow a remote attacker
to cause a denial of service or execute arbitrary code. The
vulnerability, CVE-2008-1786, is due to insufficient verification
of function arguments by the gui_cm_ctrls control. An attacker can
execute arbitrary code under the context of the user running the
web browser.


Mitigating Factors: For BrightStor ARCserve Backup for Laptops &
Desktops, only the server installation is affected. Client
installations are not affected. For CA Desktop Management Suite,
Unicenter Desktop Management Bundle, Unicenter Asset Management,
Unicenter Software Delivery and Unicenter Remote Control, only the
Managers and DSM Explorers are affected. Scalability Servers and
Agents are not affected.


Severity: CA has given this vulnerability a maximum risk rating
of High.


Affected Products:
BrightStor ARCServe Backup for Laptops and Desktops r11.5
CA Desktop Management Suite r11.2 C2
CA Desktop Management Suite r11.2 C1
CA Desktop Management Suite r11.2a
CA Desktop Management Suite r11.2
CA Desktop Management Suite r11.1 (GA, a, C1)
Unicenter Desktop Management Bundle r11.2 C2
Unicenter Desktop Management Bundle r11.2 C1
Unicenter Desktop Management Bundle r11.2a
Unicenter Desktop Management Bundle r11.2
Unicenter Desktop Management Bundle r11.1 (GA, a, C1)
Unicenter Asset Management r11.2 C2
Unicenter Asset Management r11.2 C1
Unicenter Asset Management r11.2a
Unicenter Asset Management r11.2
Unicenter Asset Management r11.1 (GA, a, C1)
Unicenter Software Delivery r11.2 C2
Unicenter Software Delivery r11.2 C1
Unicenter Software Delivery r11.2a
Unicenter Software Delivery r11.2
Unicenter Software Delivery r11.1 (GA, a, C1)
Unicenter Remote Control r11.2 C2
Unicenter Remote Control r11.2 C1
Unicenter Remote Control r11.2a
Unicenter Remote Control r11.2
Unicenter Remote Control r11.1 (GA, a, C1)
CA Desktop and Server Management r11.2 C2
CA Desktop and Server Management r11.2 C1
CA Desktop and Server Management r11.2a
CA Desktop and Server Management r11.2
CA Desktop and Server Management r11.1 (GA, a, C1)


Affected Platforms:
Windows


Status and Recommendation:

CA has provided the following updates to address the
vulnerabilities.

BrightStor ARCserve Backup for Laptops and Desktops r11.5:
QI96333

CA Desktop Management Suite for Windows r11.1 (GA, a, C1),
Unicenter Desktop Management Bundle r11.1 (GA, a, C1),
Unicenter Asset Management r11.1 (GA, a, C1),
Unicenter Software Delivery r11.1 (GA, a, C1),
Unicenter Remote Control r11.1 (GA, a, C1):
QO96283

CA Desktop Management Suite for Windows r11.2a,
Unicenter Desktop Management Bundle r11.2a,
Unicenter Asset Management r11.2a,
Unicenter Software Delivery r11.2a,
Unicenter Remote Control r11.2a:
QO96286

CA Desktop Management Suite for Windows r11.2,
Unicenter Desktop Management Bundle r11.2,
Unicenter Asset Management r11.2,
Unicenter Software Delivery r11.2,
Unicenter Remote Control r11.2:
QO96285

CA Desktop Management Suite for Windows r11.2 C1,
Unicenter Desktop Management Bundle r11.2 C1,
Unicenter Asset Management r11.2 C1,
Unicenter Software Delivery r11.2 C1,
Unicenter Remote Control r11.2 C1:
QO96284

CA Desktop Management Suite for Windows r11.2 C2,
Unicenter Desktop Management Bundle r11.2 C2,
Unicenter Asset Management r11.2 C2,
Unicenter Software Delivery r11.2 C2,
Unicenter Remote Control r11.2 C2:
QO99084

CA Desktop and Server Management r11.2 C2:
QO99080

CA Desktop and Server Management r11.2 C1:
QO96288

CA Desktop and Server Management r11.2a:
QO96290

CA Desktop and Server Management r11.2:
QO96289

CA Desktop and Server Management r11.1 (GA, a, C1):
QO96287


How to determine if you are affected:

For products on Windows:
1. Using Windows Explorer, locate the file “gui_cm_ctrls.ocx”. By
default, the file is in the “C:\Program Files\CA\DSM\bin\”
directory.
2. Right click on the file and select Properties.
3. Select the Version tab.
4. If the file version is earlier than indicated in the list
below, the installation is vulnerable.

Product:
CA Desktop Management Suite for Windows r11.1 (GA, a, C1),
Unicenter Desktop Management Bundle r11.1 (GA, a, C1),
Unicenter Asset Management r11.1 (GA, a, C1),
Unicenter Software Delivery r11.1 (GA, a, C1),
Unicenter Remote Control r11.1 (GA, a, C1),
CA Desktop and Server Management r11.1 (GA, a, C1)
File Name:
gui_cm_ctrls.ocx
File Version:
11.1.8124.2517

Product:
CA Desktop Management Suite for Windows r11.2,
Unicenter Desktop Management Bundle r11.2,
Unicenter Asset Management r11.2,
Unicenter Software Delivery r11.2,
Unicenter Remote Control r11.2,
CA Desktop and Server Management r11.2
File Name:
gui_cm_ctrls.ocx
File Version:
11.2.2.4332

Product:
CA Desktop Management Suite for Windows r11.2,
Unicenter Desktop Management Bundle r11.2,
Unicenter Asset Management r11.2,
Unicenter Software Delivery r11.2,
Unicenter Remote Control r11.2,
CA Desktop and Server Management r11.2
File Name:
gui_cm_ctrls.ocx
File Version:
11.2.2.4332

Product:
CA Desktop Management Suite for Windows r11.2a,
Unicenter Desktop Management Bundle r11.2a,
Unicenter Asset Management r11.2a,
Unicenter Software Delivery r11.2a,
Unicenter Remote Control r11.2a,
CA Desktop and Server Management r11.2a
File Name:
gui_cm_ctrls.ocx
File Version:
11.2.3.1896

Product:
CA Desktop Management Suite for Windows r11.2 C1,
Unicenter Desktop Management Bundle r11.2 C1,
Unicenter Asset Management r11.2 C1,
Unicenter Software Delivery r11.2 C1,
Unicenter Remote Control r11.2 C1,
BrightStor ARCserve Backup for Laptops and Desktops r11.5,
CA Desktop and Server Management r11.2 C1
File Name:
gui_cm_ctrls.ocx
File Version:
11.2.1000.17

Product:
CA Desktop Management Suite for Windows r11.2 C2,
Unicenter Desktop Management Bundle r11.2 C2,
Unicenter Asset Management r11.2 C2,
Unicenter Software Delivery r11.2 C2,
Unicenter Remote Control r11.2 C2,
CA Desktop and Server Management r11.2 C2
File Name:
gui_cm_ctrls.ocx
File Version:
11.2.2000.4


Workaround: As a temporary workaround solution, disable the
gui_cm_ctrls ActiveX control in the registry by setting the kill
bit on CLSID {E6239EB3-E0B0-46DA-A215-CFA9B3B740C5}. Disabling the
control may prevent the GUI from functioning correctly. Refer to
Microsoft KB article 240797
<http://support.microsoft.com/kb/240797> for information on how to
disable an ActiveX control.


References (URLs may wrap):
CA Support:
http://support.ca.com/
Security Notice for CA products using the DSM gui_cm_ctrls ActiveX
control
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=174256
Solution Document Reference APARs:
QI96333, QO96283, QO96286, QO96285, QO96284, QO99084, QO99080,
QO96288, QO96290, QO96289, QO96287
CA Security Response Blog posting:
CA DSM gui_cm_ctrls ActiveX Control Vulnerability
http://community.ca.com/blogs/casecurityresponseblog/archive/ \
2008/04/16/ca-dsm-gui-cm-ctrls-activex-control-vulnerability.aspx
Reported By:
Greg Linares of eEye Digital Security
CVE Reference:
CVE-2008-1786
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1786
OSVDB References: Pending
http://osvdb.org/


Changelog for this advisory:
v1.0 - Initial Release


Customers who require additional information should contact CA
Technical Support at http://support.ca.com.

For technical questions or comments related to this advisory,
please send email to vuln AT ca DOT com.

If you discover a vulnerability in CA products, please report your
findings to vuln AT ca DOT com, or utilize our "Submit a
Vulnerability" form.
URL: http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx


Regards,
Ken Williams ; 0xE2941985
Director, CA Vulnerability Research


CA, 1 CA Plaza, Islandia, NY 11749

Contact http://www.ca.com/us/contact/
Legal Notice http://www.ca.com/us/legal/
Privacy Policy http://www.ca.com/us/privacy/
Copyright (c) 2008 CA. All rights reserved.
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close