NO. 20060126
 
Computer Associates iTechnology iGateway Service Vulnerability
A vulnerability has been identified in Computer Associates, Inc.'s iTechnology iGateway service which may be exploited by remote attackers to gain SYSTEM privileges and execute arbitrary code. The flaw is due to an error in handling negative HTTP Content-Length values. The iTechnology service provides standard web service interfaces to third-party products and presents data in XML format.
 
Specifically, the iGateway component of iTechnology contains the vulnerability. iGateway listens on port 5250 for HTTP or SSL traffic. International security organizations have verified that Computer Associates iTechnology iGateway 4.0 contains the vulnerability; all versions of the iGateway package up to and including 4.0.050615 are also believed to be vulnerable.
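The flaw described above belongs to a well-known bug class: a Content-Length header parsed with a signed integer conversion accepts values such as "-1", and the negative length then reaches allocation or copy logic that expects a size. The following Python example is added here for illustration and is not code from the advisory or from CA; it contrasts the defective parsing pattern with a strict RFC-style parser (only ASCII digits, bounded size) and wraps the strict parser in a small check that an inspection tool could run over request heads. The request samples and the MAX_BODY limit are constructed for the example.

```python
"""Strict HTTP Content-Length validation versus the defective signed-integer pattern."""
import re

# RFC 7230 section 3.3.2: Content-Length = 1*DIGIT (ASCII digits only, no sign).
_DIGITS = re.compile(r"^[0-9]+$")
MAX_BODY = 16 * 1024 * 1024  # constructed upper bound for this example


def parse_headers(raw: bytes) -> dict:
    """Split an HTTP request head into a dict of lower-cased header names.

    Toy parser for the example: first line is the request line and is skipped,
    the head ends at the first blank line, duplicate headers keep the last value.
    """
    head = raw.split(b"\r\n\r\n", 1)[0]
    headers = {}
    for line in head.split(b"\r\n")[1:]:
        if b":" not in line:
            continue
        name, value = line.split(b":", 1)
        headers[name.strip().lower().decode("ascii", "replace")] = (
            value.strip().decode("ascii", "replace")
        )
    return headers


def naive_content_length(headers: dict) -> int:
    """The defect pattern: int() accepts a leading sign, so "-1" becomes -1.

    A negative value returned from here and fed into a size computation
    (buffer allocation, memcpy length) is how this bug class arises.
    """
    return int(headers.get("content-length", "0"))


def strict_content_length(headers: dict) -> int:
    """Hardened form: accept only 1*DIGIT and reject values above MAX_BODY."""
    value = headers.get("content-length")
    if value is None:
        return 0
    if not _DIGITS.match(value):
        raise ValueError(f"malformed Content-Length: {value!r}")
    n = int(value)
    if n > MAX_BODY:
        raise ValueError(f"Content-Length {n} exceeds limit {MAX_BODY}")
    return n


def inspect_request(raw: bytes) -> dict:
    """Detection view: report whether a request head passes the strict parser.

    Returns ok=True with the parsed length, or ok=False with the offending
    raw header value and the reason, which is what a monitoring rule would log.
    """
    headers = parse_headers(raw)
    try:
        n = strict_content_length(headers)
        return {"ok": True, "content_length": n, "reason": None}
    except ValueError as exc:
        return {"ok": False, "content_length": headers.get("content-length"),
                "reason": str(exc)}


# Constructed sample request heads (not captured traffic).
BENIGN = (b"POST /rpc HTTP/1.1\r\nHost: example.invalid:5250\r\n"
          b"Content-Length: 12\r\n\r\n<a>hello</a>")
NEGATIVE = (b"POST /rpc HTTP/1.1\r\nHost: example.invalid:5250\r\n"
            b"Content-Length: -1\r\n\r\n")

if __name__ == "__main__":
    print("naive parse of negative header:", naive_content_length(parse_headers(NEGATIVE)))
    print("strict check of negative header:", inspect_request(NEGATIVE))
    print("strict check of benign request:", inspect_request(BENIGN))
```

The point of the side-by-side is that the naive version silently returns -1 for the second sample while the strict version refuses it; any code path that takes a body length from the header should use the strict form, and an inspection rule that flags the same condition gives a simple detection signal for traffic aimed at the service port.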
 
iGateway is included with the following CA products:
 
Advantage Data Transformer (ADT) R2.2
Harvest Change Manager R7.1
BrightStor Products:
BrightStor ARCserve Backup r11.5
BrightStor ARCserve Backup r11.1
BrightStor ARCserve Backup for Windows r11
BrightStor Enterprise Backup 10.5
BrightStor ARCserve Backup v9.01
BrightStor ARCserve Backup Laptop & Desktop r11.1
BrightStor ARCserve Backup Laptop & Desktop r11
BrightStor Process Automation Manager r11.1
BrightStor SAN Manager r11.1
BrightStor SAN Manager r11.5
BrightStor Storage Resource Manager r11.5
BrightStor Storage Resource Manager r11.1
BrightStor Storage Resource Manager 6.4
BrightStor Storage Resource Manager 6.3
BrightStor Portal 11.1
eTrust Audit 1.5 SP2 (iRecorders and ARIES)
eTrust Audit 1.5 SP3 (iRecorders and ARIES)
eTrust Audit 8.0 (iRecorders and ARIES)
eTrust Admin 8.1
eTrust Identity Minder 8.0
eTrust Secure Content Manager (SCM) R8
eTrust Integrated Threat Management (ITM) R8
eTrust Directory R8.1 (Web Components Only)
Unicenter CA Web Services Distributed Management R11
Unicenter AutoSys JM R11
Unicenter Management for WebLogic / Management for WebSphere R11
Unicenter Service Delivery R11
Unicenter Service Level Management (USLM) R11
Unicenter Application Performance Monitor R11
Unicenter Service Desk R11
Unicenter Service Desk Knowledge Tools R11
Unicenter Service Fulfillment 2.2
Unicenter Service Fulfillment R11
Unicenter Asset Portfolio Management R11
Unicenter Service Matrix Analysis R11
Unicenter Service Catalog/Fulfillment/Accounting R11
Unicenter MQ Management R11
Unicenter Application Server Management R11
Unicenter Web Server Management R11
Unicenter Exchange Management R11
 
BSST, Broadweb Security Service Team, suggests that users of the above products do the following:
 
1. Read the security notice from CA:
2. Apply the patches:
3. Watch pattern release notices from Broadweb and keep their patterns up-to-date.
 
Broadweb Security Service Team (BSST) - Empower Your Network Security
Broadweb NetKeeper Intrusion Prevention System delivers protection against intrusions, worms, DDoS, instant messaging, P2P, web mail and web posting.
 
Reference:
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3653
Copyright © BroadWeb Corporation. All rights reserved.
BSST, Broadweb Security Service Team