Computer Associates BrightStor Hierarchical Storage Manager CsAgent Multiple Remote Vulnerabilities

Bugtraq ID:	25823
Class:	Unknown
CVE:	CVE-2007-5082 CVE-2007-5083 CVE-2007-5084
Remote:	Yes
Local:	No
Published:	Sep 26 2007 12:00AM
Updated:	Jun 06 2008 11:12PM
Credit:	Sean Larsson, Aaron Portnoy, and an anonymous researcher are credited with discovering these issues.
Vulnerable:	Computer Associates BrightStor Hierarchical Storage Manager 11.5
Not Vulnerable:	Computer Associates BrightStor Hierarchical Storage Manager 11.6

Computer Associates BrightStor Hierarchical Storage Manager CsAgent Multiple Remote Vulnerabilities

Computer Associates BrightStor Hierarchical Storage Manager is prone to multiple remote vulnerabilities.

A remote attacker may exploit these issues to execute arbitrary code with SYSTEM-level privileges. Successful exploits can result in a complete compromise of affected computers. Other attacks and failed exploit attempts may also cause denial-of-service conditions.

BrightStor Hierarchical Storage Manager r11.5 is affected.

Computer Associates BrightStor Hierarchical Storage Manager CsAgent Multiple Remote Vulnerabilities

A proof-of-concept (ca-brightstor-hsm_dos.pl) exploit has been released for one of the opcode-handling buffer-overflow vulnerabilities. The proof of concept may trigger a denial of service.

DSquare Security has developed a working commercial exploit for its D2 Exploitation Pack product. This exploit is not otherwise publicly available or known to be circulating in the wild.

A Metasploit exploit module (25823.rb) targeting one of the buffer-overflow issues on the Windows platform is publicly available.

• /data/vulnerabilities/exploits/ca-brightstor-hsm_dos.pl
• /data/vulnerabilities/exploits/25823.rb

Computer Associates BrightStor Hierarchical Storage Manager CsAgent Multiple Remote Vulnerabilities

Solution:
The vendor has released updates to address these issues. Please see the references for more information.


Computer Associates BrightStor Hierarchical Storage Manager 11.5

• Computer Associates BrightStor Hierarchical Storage Manager r11.6
  http://supportconnectw.ca.com/premium/bstorhsm/downloads/BHSMr11_6.zip

Computer Associates BrightStor Hierarchical Storage Manager CsAgent Multiple Remote Vulnerabilities

References:

• BrightStor Hierarchical Storage Manager (Computer Associates)
  
• Computer Associates BrightStor HSM r11.5 Multiple Vulnerabilities (iDefense)
  
• TPTI-07-16: CA BrightStor Hierarchical Storage Manager Buffer Overflow Vulnerabi ([email protected])
  
• TPTI-07-17: CA BrightStor Hierarchical Storage Manager SQL Injection Vulnerabili ([email protected])
  
• [CAID 35690, 35691, 35692]: CA BrightStor Hierarchical Storage Manager CsAgent M ('Williams, James K' )
  
• CA BrightStor Hierarchical Storage Manager Buffer Overflow Vulnerability ([email protected])
  
• CA BrightStor Hierarchical Storage Manager SQL Injection Vulnerability ([email protected])
  
• iDefense Security Advisory 09.27.07: Computer Associates BrightStor HSM r11.5 Mu (iDefense)
  
• CA BrightStor Hierarchical Storage Manager CsAgent Multiple Vulnerabilities (Computer Associates)
  
• CA Vuln ID (CAID): 35690 (Computer Associates)
  
• CA Vuln ID (CAID): 35691 (Computer Associates)
  
• CA Vuln ID (CAID): 35692 (Computer Associates)