CA Gateway Security and Total Defense

2011.08.01
Credit: Kotas, Kevin J
Risk: High
Local: No
Remote: Yes
CVE: CVE-2011-2667
CWE: CWE-119


CVSS Base Score: 10/10
Impact Subscore: 10/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: Complete
Integrity impact: Complete
Availability impact: Complete

-----BEGIN PGP SIGNED MESSAGE----- CA20110720-01: Security Notice for CA Gateway Security and Total Defense Issued: July 20, 2011 CA Technologies support is alerting customers to a security risk with CA Gateway Security. A vulnerability exists that can allow a remote attacker to execute arbitrary code. CA has issued an update that resolves the vulnerability. The vulnerability, CVE-2011-2667, occurs due to insufficient bounds checking that can result in a memory overwrite on the heap. By sending a malformed request, an attacker can overwrite a sensitive portion of heap memory, which can potentially result in server compromise. Risk Rating High Platform Windows Affected Products CA Gateway Security 8.1 CA Total Defense r12 Non-Affected Products CA Gateway Security 9.0 How to determine if the installation is affected - From the CA Gateway Security Management Console, select About to view version information. If the version displayed is less than 8.1.0.69, the installation is vulnerable. Solution Gateway Security r8.1: Apply fix RO32642 Alternatively, update to Gateway Security 9.0 available from the CA support site. References CVE-2011-2667 - Gateway Security memory corruption CA20110720-01: Security Notice for CA Gateway Security and Total Defense (url line wraps) https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={5 E404992-6B58-4C44-A29D-027D05B6285D} Acknowledgement CVE-2011-2667 - Andrea Micalizzi via the TippingPoint ZDI Change History Version 1.0: Initial Release If additional information is required, please contact CA Technologies Support at http://support.ca.com/ If you discover a vulnerability in CA Technologies products, please report your findings to the CA Technologies Product Vulnerability Response Team. (url line wraps) https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=17 7782 Regards, Kevin Kotas CA Product Vulnerability Response Team -----BEGIN PGP SIGNATURE----- Version: PGP 8.1 iQEVAwUBTicU8pI1FvIeMomJAQHDpQgAlZ5TqT9B+I4zd20wzh8GhajqGb8BIuxo sCToQG5jq+kUX1QMnL+MVv4A0nR2o2P8cgxEhNtpEOyHnTeKvBuT//ALBpQgjYQ3 lMY3tRNrqEo1BAD9x/GqVp/xIBiaqkL80bt0BXmvxxhKblSX30mUA8D+v8P+DPrO eR+VEB7feWQ9LaqjIeEa5t8P5/TxuA+XNv0EdWtU7OAFc/IzXiu91XF++I+UJs3V l9Kvdj7x7JXyqZXc3943eUR/zqbxXO2/h/67Gj+N5ub1S4TBkPuoUMcPQ3o3l2WZ 75HcRT6AIHZ6shTbD20TCl1LUs4uKmJYc41kfbCEX3BsU12WbbV+zw== =w+9B -----END PGP SIGNATURE-----

References:

https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=%7B5E404992-6B58-4C44-A29D-027D05B6285D%7D
http://www.zerodayinitiative.com/advisories/ZDI-11-237/
http://www.securityfocus.com/bid/48813
http://www.securityfocus.com/archive/1/archive/1/518935/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/518934/100/0/threaded
http://securitytracker.com/id?1025813
http://securitytracker.com/id?1025812
http://secunia.com/advisories/45332


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top