Title: [CAID 35690, 35691, 35692]: CA BrightStor Hierarchical Storage Manager CsAgent Multiple Vulnerabilities CA Vuln ID (CAID): 35690, 35691, 35692 CA Advisory Date: 2007-09-26 Reported By: Sean Larsson, iDefense Labs anonymous researcher working with the iDefense VCP Aaron Portnoy of DV Labs (dvlabs.tippingpoint.com) Impact: A remote attacker can execute arbitrary code or cause a denial of service condition. Summary: Multiple vulnerabilities exist in the CsAgent service that can allow a remote attacker to execute arbitrary code or cause a denial of service condition. The first set of vulnerabilities, CVE-2007-5082, occur due to insufficient bounds checking in multiple CsAgent service commands. The second set of vulnerabilities, CVE-2007-5083, occur due to insufficient validation of integer values in multiple CsAgent service commands, which can lead to buffer overflow. The third set of vulnerabilities, CVE-2007-5084, occur due to insufficient validation of strings used in SQL statements in multiple CsAgent service commands. Mitigating Factors: None Severity: CA has given these vulnerabilities a maximum risk rating of High. Affected Products: CA BrightStor Hierarchical Storage Manager r11.5 Affected Platforms: Windows Status and Recommendation: CA has provided an update to address the vulnerabilities. Upgrade to BrightStor Hierarchical Storage Manager r11.6. BrightStor Hierarchical Storage Manager r11.6: http://supportconnectw.ca.com/premium/bstorhsm/downloads/BHSMr11_6.zip How to determine if you are affected: Run the BrightStor HSM Administrator GUI and open Help->About from the toolbar to view the version. If the version is less than 11.6, the installation is vulnerable. Workaround: None References (URLs may wrap): CA SupportConnect: http://supportconnect.ca.com/ CA BrightStor Hierarchical Storage Manager CsAgent Security Notice http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp Solution Document Reference APARs: n/a CA Security Advisor posting: CA BrightStor Hierarchical Storage Manager CsAgent Multiple Vulnerabilities http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156444 CA Vuln ID (CAID): 35690, 35691, 35692 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35690 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35691 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35692 Reported By: Sean Larsson, iDefense Labs; an anonymous researcher working with the iDefense VCP; Aaron Portnoy of DV Labs (dvlabs.tippingpoint.com) iDefense advisory: http://labs.idefense.com/intelligence/vulnerabilities/ ZDI advisory: http://www.zerodayinitiative.com/advisories.html CVE References: CVE-2007-5082, CVE-2007-5083, CVE-2007-5084 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5082 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5083 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5084 OSVDB References: Pending http://osvdb.org/ Changelog for this advisory: v1.0 - Initial Release Customers who require additional information should contact CA Technical Support at http://supportconnect.ca.com. For technical questions or comments related to this advisory, please send email to vuln AT ca DOT com. If you discover a vulnerability in CA products, please report your findings to vuln AT ca DOT com, or utilize our "Submit a Vulnerability" form. URL: http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx Regards, Ken Williams ; 0xE2941985 Director, CA Vulnerability Research CA, 1 CA Plaza, Islandia, NY 11749 Contact http://www.ca.com/us/contact/ Legal Notice http://www.ca.com/us/legal/ Privacy Policy http://www.ca.com/us/privacy/ Copyright (c) 2007 CA. All rights reserved.