Home / vulnerabilities CA Common Services Privilege Escalation
Posted on 07 June 2015
Source : packetstormsecurity.org Link
-----BEGIN PGP SIGNED MESSAGE-----
CA20150604-01: Security Notice for CA Common Services
Issued: June 4, 2015
CA Technologies Support is alerting customers to multiple potential
risks with products that bundle CA Common Services on Unix/Linux
platforms. A local attacker may exploit these vulnerabilities to
gain additional privileges.
The first vulnerability, CVE-2015-3316, occurs due to insecure use of
an environment variable which may enable a local attacker to gain
privileged access.
The second vulnerability, CVE-2015-3317, occurs due to multiple
instances of insufficient bounds checking which can potentially
allow a local attacker to gain privileged access.
The third vulnerability, CVE-2015-3318, occurs due to inadequate
validation of a variable which can possibly allow a local attacker
to gain privileged access.
Risk Rating
Medium
Platform
AIX, HP-UX, Linux, Solaris
Affected Products
CA Common Services, all versions on AIX, HP-UX, Linux, Solaris
CA Technologies products that bundle this software include:
CA Client Automation r12.5 SP01, r12.8, r12.9 on AIX, HP-UX, Linux,
Solaris
CA Network and Systems Management r11.0, r11.1, r11.2 on AIX, HP-UX,
Linux, Solaris
CA NSM Job Management Option r11.0, r11.1, r11.2 on AIX, HP-UX,
Linux, Solaris
CA Universal Job Management Agent on AIX, HP-UX, Linux, Solaris
CA Virtual Assurance for Infrastructure Managers (SystemEDGE) 12.6,
12.7, 12.8, 12.9 on AIX, HP-UX, Linux, Solaris
CA Workload Automation AE r11.3.6, r11.3.5, r11.3, r11 on AIX, HP-UX,
Linux, Solaris
How to determine if the installation is affected
CA Client Automation,
CA Network and Systems Management,
CA NSM Job Management Option,
CA Universal Job Management Agent,
CA Workload Automation AE:
Customers can use the applyptf program to determine if the patch from
the solution section is present.
CA Virtual Assurance for Infrastructure Managers (SystemEDGE):
Customers should review the solution section.
Solution
CA Client Automation:
Linux RO80741, AIX RO80722, HP-UX RO80734, Sun SPARC RO80736,
Sun Intel RO80739
CA Network and Systems Management:
Linux RO80380, AIX RO80381, HP-UX RO80382, Sun SPARC RO80383,
Sun Intel RO80384
CA NSM Job Management Option:
Linux RO80380, AIX RO80381, HP-UX RO80382, Sun SPARC RO80383,
Sun Intel RO80384
CA Universal Job Management Agent:
Linux RO80919, AIX RO80920, HP RO80921, Sun SPARC RO80923,
Sun Intel RO80922
CA Virtual Assurance for Infrastructure Managers (SystemEDGE):
CA Virtual Assurance for Infrastructure Managers (SystemEDGE) does
not require CA Common Services. If no other CA product from this
security notice is present on the server, customers may remove the
read, write, and execute permissions from the casrvc and
libcaconfigutils.so binaries. Customers may contact support for
further guidance.
CA Workload Automation AE:
Linux RO81050, AIX RO81051, HP-UX RO81052, Sun SPARC RO81053,
Sun Intel RO81054
References
CVE-2015-3316 - CA Common Services environment variable
CVE-2015-3317 - CA Common Services multiple buffer overflows
CVE-2015-3318 - CA Common Services variable validation
Acknowledgement
Francois Goichon, Context IS
Change History
Version 1.0: Initial Release
If additional information is required, please contact CA Technologies
Support at https://support.ca.com/
If you discover a vulnerability in CA Technologies products, please
report your findings to the CA Technologies Product Vulnerability
Response Team at vuln@ca.com
Security Notices
https://support.ca.com/irj/portal/anonymous/phpsbpldgpg
Regards,
Kevin Kotas
Vulnerability Response Director
CA Technologies Product Vulnerability Response Team
Copyright (c) 2015 CA. All Rights Reserved. One CA Plaza, Islandia,
N.Y. 11749. All other trademarks, trade names, service marks, and
logos referenced herein belong to their respective companies.
-----BEGIN PGP SIGNATURE-----
Charset: utf-8
wsBVAwUBVXCoxZI1FvIeMomJAQEcNAgAgKsfQhQP7v1dZ6jmpIkHklC1fjcGIQjk
32kfT7KB4VMPJGlLM0eml711syNcmNMkbkPWuBL+qMmpNGlZW7UT91TLjhhGDOwd
2UAFnDHQSYdguEaXVndc6z3zRyz8tm+EtP22xx9h5jg1xp/jAdviajoyei6DMAKX
oQjH/djCmIVFCvWV8qqan/i+yGnWLBJ7fgwONpVRz4bcdosXd4+/wqctNrTNzKmD
qeDxhWfltRIDv5zVvrYaP3++ZQJRUIT2Pd06y5eKr6hUgSsVdZA9iLiWEcm/ZCdH
KwvfarjwZS0E28iXXyQtwWhoBLP4UflIITDYE06VfisSccFrB9wD2Q==
=+zoS
-----END PGP SIGNATURE-----