Title: CAID 34661: CA Unicenter WSDM File System Read Access Vulnerability

CA Vulnerability ID (CAID): 34661

CA Advisory Date: 2006-10-03

Discovered By:
Oliver Karow, Symantec Security Consultant
oliver_karow at symantec dot com
Richard Sammet, Symantec Security Consultant
richard_sammet at symantec dot com

Impact: Remote attacker can access sensitive information.

Summary:
Unicenter Web Services Distributed Management 3.1 uses a known vulnerable version of the Jetty WebServer, an open source Java web server. An advisory describing the Jetty WebServer vulnerability can be found at http://www.securityfocus.com/bid/11330. The vulnerability allows a remote attacker to gain full read access to the file system of the install partition on the Unicenter WSDM host through a directory traversal attack [e.g. http://192.168.50.31:8282/..\..\..\..\boot.ini].

Mitigating Factors:
This is an older vulnerability that was addressed in December 2004 with the release of Unicenter Web Services Distributed Management (WSDM) 3.11.

Severity:
CA has given this vulnerability a Medium risk rating.

Affected Products:
CA Unicenter Web Services Distributed Management (WSDM) 3.1

Affected Platforms:
Red Hat Linux
Solaris
SUSE Linux
Microsoft Windows

Status and Recommendation:
This vulnerability was addressed in December 2004 with the release of Unicenter Web Services Distributed Management (WSDM) 3.11. Customers using Unicenter WSDM 3.1 should upgrade to WSDM 3.11 or later through the CA SupportConnect web site at http://supportconnect.ca.com.

Determining if you are affected:
The WSDM version in use can be determined by viewing the downloaded package name. Search for files named CAWSDM_3_1.xxx.
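The traversal in the summary works because the affected Jetty build let a backslash act as a path separator on Windows while its own checks only looked for "/". The following is an added example, not code from CA, Jetty or Symantec: a document-root resolver that treats both separators the same and refuses any ".." segment, plus a scan of constructed access-log lines for the same request pattern so a defender can confirm whether an exposed WSDM host was actually read from. The document root, log format and sample log lines are all constructed for this example.

```python
"""Defender-side handling of the directory traversal class described in the
CA advisory. Added example; not the advisory's, CA's or Jetty's own code.
"""
import posixpath
import re
from urllib.parse import unquote

# Hypothetical document root; not a path from the advisory.
DOC_ROOT = "/opt/wsdm/webroot"


def _decode(raw_path: str) -> str:
    """Decode a request path the way a hardened server should before checking it.

    Decoding twice catches double-encoded dots (%252e). Backslashes are mapped
    to "/" because the advisory's traversal (/..\\..\\..\\..\\boot.ini) relies on
    a Windows host treating "\\" as a separator where the server only checked "/".
    """
    decoded = unquote(unquote(raw_path)).replace("\\", "/")
    return decoded.split("?", 1)[0]  # the query string plays no part in file lookup


def is_traversal(raw_path: str) -> bool:
    """True when the request contains a parent-directory segment.

    Any '..' segment is flagged, even where normalisation would clamp it at '/',
    because a client has no legitimate reason to send one.
    """
    return ".." in _decode(raw_path).split("/")


def resolve_safely(raw_path: str):
    """Return the filesystem path to serve, or None if the request is unsafe."""
    if is_traversal(raw_path):
        return None
    rel = posixpath.normpath("/" + _decode(raw_path).lstrip("/")).lstrip("/")
    full = posixpath.normpath(posixpath.join(DOC_ROOT, rel))
    # Belt and braces: the resolved path must still lie under DOC_ROOT.
    if full != DOC_ROOT and not full.startswith(DOC_ROOT + "/"):
        return None
    return full


# Combined-log-style line; the request path has no whitespace so \S+ suffices.
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) \S+" (?P<status>\d{3})'
)

# Constructed sample lines (not real traffic); the second mirrors the
# advisory's example request, the third is the same idea percent-encoded.
SAMPLE_LOG = "\n".join([
    '192.168.50.10 - - [03/Oct/2006:10:01:02 +0000] "GET /wsdm/index.html HTTP/1.1" 200 512',
    '192.168.50.99 - - [03/Oct/2006:10:01:09 +0000] "GET /..\\..\\..\\..\\boot.ini HTTP/1.0" 200 210',
    '192.168.50.99 - - [03/Oct/2006:10:01:11 +0000] "GET /%2e%2e/%2e%2e/etc/passwd HTTP/1.0" 200 1377',
    '192.168.50.12 - - [03/Oct/2006:10:02:30 +0000] "GET /wsdm/style.css HTTP/1.1" 304 0',
])


def find_traversal_attempts(log_text: str):
    """Return (client_ip, request_path, status) for each traversal request.

    A 200 status alongside a traversal path is the signal that the server
    served the file, i.e. the host was vulnerable when the request arrived.
    """
    hits = []
    for line in log_text.splitlines():
        m = LOG_LINE.match(line)
        if m and is_traversal(m.group("path")):
            hits.append((m.group("ip"), m.group("path"), int(m.group("status"))))
    return hits


if __name__ == "__main__":
    for ip, path, status in find_traversal_attempts(SAMPLE_LOG):
        verdict = "SERVED" if status == 200 else "blocked"
        print(f"{ip} {path} -> {status} ({verdict})")
```

When reviewing logs from a 3.1 host, the useful distinction is between traversal requests that were answered 200 (the file was returned, treat the host as compromised for the files named) and those answered 4xx (blocked, still worth noting as reconnaissance). Upgrading to WSDM 3.11 as the advisory directs is the fix; the resolver above shows the check a server should have made.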
References (URLs may wrap):

CA SupportConnect:
http://supportconnect.ca.com/

CA SupportConnect Security Notice for this vulnerability:
Important Security Notice for CA Unicenter WSDM (File System Read Access Vulnerability)
http://supportconnectw.ca.com/public/ca_common_docs/wsdmvuln_notice.asp

CAID: 34661
CAID Advisory link:
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34661

Discoverer: Symantec
http://www.symantec.com

CVE Reference: CVE-2004-2478
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2478

OSVDB Reference: OSVDB ID: 10490
http://osvdb.org/10490

Changelog for this advisory:
v1.0 - Initial Release

Customers who require additional information should contact CA Technical Support at http://supportconnect.ca.com.

For technical questions or comments related to this advisory, please send email to vuln@ca.com, or contact me directly.

If you discover a vulnerability in CA products, please report your findings to vuln@ca.com, or utilize our "Submit a Vulnerability" form.
URL: http://www3.ca.com/securityadvisor/vulninfo/submit.aspx

Regards,
Ken Williams ; 0xE2941985
Director, CA Vulnerability Research
CA, One Computer Associates Plaza. Islandia, NY 11749

Contact http://www3.ca.com/contact/
Legal Notice http://www3.ca.com/legal/
Privacy Policy http://www3.ca.com/privacy/
Copyright © 2006 CA. All rights reserved.