[CAID 35754]: CA Host-Based Intrusion Prevention System (CA HIPS) Server Vulnerability Oct 19 2007 01:49PM
Williams, James K (James Williams ca com)


Title: [CAID 35754]: CA Host-Based Intrusion Prevention System (CA HIPS) Server Vulnerability

CA Vuln ID (CAID): 35754

CA Advisory Date: 2007-10-18

Reported By: David Maciejak

Impact: A remote attacker can take unauthorized administrative action.

Summary: CA Host-Based Intrusion Prevention System (CA HIPS) contains a vulnerability in the Server installation that can allow a remote attacker to take unauthorized administrative action. The vulnerability, CVE-2007-5472, occurs due to raw request data being displayed in the log when viewed by a browser. Note: The client installation is not vulnerable.
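As an added illustration of the log-content-injection class described above (example code written for this page, not CA's code and not taken from the product or its patch), the following Python contrasts a log viewer that echoes raw request data into HTML with a hardened version that neutralises control characters at write time and escapes at render time, plus a small detection helper run over constructed sample entries.

```python
import html
import re

# Constructed sample request lines (not taken from the advisory): one benign,
# one carrying markup, one carrying a CR/LF sequence that would otherwise
# forge an extra log line when written verbatim.
SAMPLE_REQUESTS = [
    "GET /console/main.asp HTTP/1.1",
    "GET /console/main.asp?user=<script>alert(1)</script> HTTP/1.1",
    "GET /x HTTP/1.1\r\nforged-entry: admin login ok",
]

CONTROL_CHARS = re.compile(r"[\x00-\x1f\x7f]")
MARKUP = re.compile(r"[<>\"']")


def sanitize_for_log(raw: str) -> str:
    """Replace CR, LF and other control characters with a visible \\xNN escape
    before the value is written, so one request cannot forge additional lines."""
    return CONTROL_CHARS.sub(lambda m: "\\x%02x" % ord(m.group()), raw)


def render_vulnerable(entries):
    """The pattern the advisory describes: stored request data is emitted into
    the HTML page unchanged, so any markup in it runs in the viewer's browser."""
    return "<pre>" + "\n".join(entries) + "</pre>"


def render_hardened(entries):
    """Escape every entry at output time; the browser shows markup as text."""
    body = "\n".join(html.escape(e, quote=True) for e in entries)
    return "<pre>" + body + "</pre>"


def suspicious_entries(entries):
    """Detection helper: flag stored request data that contains HTML
    metacharacters or control characters, which a log should never hold raw."""
    return [e for e in entries if MARKUP.search(e) or CONTROL_CHARS.search(e)]


if __name__ == "__main__":
    print(render_hardened([sanitize_for_log(r) for r in SAMPLE_REQUESTS]))
    print("flagged:", len(suspicious_entries(SAMPLE_REQUESTS)))
```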

Mitigating Factors: The client installation is not vulnerable.

Severity: CA has given this vulnerability a maximum risk rating of Medium.

Affected Products:
CA Host-Based Intrusion Prevention System (CA HIPS) r8

Affected Platforms:
Windows

Status and Recommendation:
CA has issued the following patch to address the vulnerability.
CA Host-Based Intrusion Prevention System (CA HIPS) r8: QO91494

How to determine if you are affected:
1. Log in to the HIPS Administration Console.
2. Scroll down to the end of the Main page.
3. Press the "About" link on the right bottom side of the page.
4. Check the version. If the version is less than 8.0.0.93, the installation is vulnerable.

Workaround: None

References (URLs may wrap):

CA SupportConnect:
http://supportconnect.ca.com/

Security Notice for CA Host-Based Intrusion Prevention System (CA HIPS) Server
http://supportconnectw.ca.com/public/cahips/infodocs/cahips-secnotice.asp

Solution Document Reference APARs:
QO91494

CA Security Advisor posting:
CA Host-Based Intrusion Prevention System (CA HIPS) Server Vulnerability
http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=158327

CA Vuln ID (CAID): 35754
http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35754

Reported By:
David Maciejak

CVE References:
CVE-2007-5472 - log content injection
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5472

OSVDB References: Pending
http://osvdb.org/

Changelog for this advisory:
v1.0 - Initial Release

Customers who require additional information should contact CA Technical Support at http://supportconnect.ca.com.

For technical questions or comments related to this advisory, please send email to vuln AT ca DOT com.

If you discover a vulnerability in CA products, please report your findings to vuln AT ca DOT com, or utilize our "Submit a Vulnerability" form.
URL: http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx

Regards,

Ken Williams ; 0xE2941985
Director, CA Vulnerability Research
CA, 1 CA Plaza, Islandia, NY 11749

Contact http://www.ca.com/us/contact/
Legal Notice http://www.ca.com/us/legal/
Privacy Policy http://www.ca.com/us/privacy/
Copyright (c) 2007 CA. All rights reserved.
