
CA Single Sign-On Web Agents Information Disclosure / Denial Of Service

Posted on 24 March 2016
Source: packetstormsecurity.org


CA20160323-01: Security Notice for CA Single Sign-On Web Agents

Issued: March 23, 2016
Last Updated: March 23, 2016

CA Technologies Support is alerting customers to potential risks with CA
Single Sign-On (CA SSO), formerly known as CA SiteMinder. Michael
Brooks of BishopFox alerted CA to vulnerabilities that can allow a remote
attacker to cause a denial of service or possibly gain sensitive
information. CA has fixes that address the vulnerabilities.

The first vulnerability, CVE-2015-6853, occurs due to insufficient
verification of requests in the CA SSO Domino web agent. A remote
attacker can make a request that could result in a crash or the
disclosure of sensitive information. CA has assigned this vulnerability
a High risk rating. Only CA SSO customers using the Domino web agent
are affected by this vulnerability.

The second vulnerability, CVE-2015-6854, occurs due to insufficient
verification of requests in all CA SSO web agents other than the Domino
web agent. A remote attacker can make a request that could result in a
crash or disclose sensitive information. CA has assigned this vulnerability
a High risk rating. The web agents in CA SSO versions 12.51 and 12.52
are not affected by this vulnerability. Secure Proxy Server (SPS)
Agents, SharePoint Agents, Application Server Agents, ERP Agents,
Web Agent Option Pack, and Custom Agents are also not affected by
this vulnerability.

Risk Rating

CVE Identifier - Risk
CVE-2015-6853 - High
CVE-2015-6854 - High

Platform

All supported platforms

Affected Products

CVE-2015-6853 applies to the Domino web agent with the following
versions:

CA Single Sign-On R6, R12, R12.0J, R12.5, R12.51, R12.52

CVE-2015-6854 applies to all web agents, except the Domino agent,
with the following versions:

CA Single Sign-On R6, R12, R12.0J, R12.5

Note: Secure Proxy Server (SPS) Agents, SharePoint Agents, Application
Server Agents, ERP Agents, Web Agent Option Pack, and Custom Agents
are not impacted by these vulnerabilities.

How to determine if the installation is affected

See the Solution section for the web agent fix version. Customers may
enable and examine the web agent log to determine the version.

Solution

Customers running R6 agents should update to a web agent from CA
SSO R12.0 SP3 CR13, R12.0J SP3 CR1.2, R12.5 CR5, R12.51 CR4, or
R12.52 SP1 CR3.

Fix table for CVE-2015-6853
Web Agent Version - Fix Version
R12.0 Domino web agent - R12.0 SP3 CR13
R12.0J Domino web agent - R12.0J SP3 CR1.2
R12.5 Domino web agent - R12.5 CR5
R12.51 Domino web agent - R12.51 CR4
R12.52 Domino web agent - R12.52 SP1 CR3

Fix table for CVE-2015-6854
Web Agent Version - Fix Version
R12.0 web agents except the Domino web agent - R12.0 SP3 CR13
R12.0J web agents except the Domino web agent - R12.0J SP3 CR1.2
R12.5 web agents except the Domino web agent - R12.5 CR5
R12.51 web agents except the Domino web agent - Not affected
R12.52 web agents except the Domino web agent - Not affected
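Added example, not code from the advisory or from CA: a small Python checker that encodes the two fix tables above and compares an installed web agent level against them, so an agent inventory can be triaged for both CVEs. It assumes the installed level is written in the advisory's own "R12.x SPn CRm" notation (as read by the operator from the web agent log, per the "How to determine" section); the parser, the function names and the sample versions are this example's own.

```python
import re

# Fix tables transcribed from the advisory. Value None means "Not affected".
DOMINO_FIX = {"12.0": "SP3 CR13", "12.0J": "SP3 CR1.2", "12.5": "CR5",
              "12.51": "CR4", "12.52": "SP1 CR3"}          # CVE-2015-6853
OTHER_FIX = {"12.0": "SP3 CR13", "12.0J": "SP3 CR1.2", "12.5": "CR5",
             "12.51": None, "12.52": None}                 # CVE-2015-6854

# Assumed notation: optional "R", release (e.g. 6, 12.0J, 12.52), optional SPn, optional CRm[.k]
_VER = re.compile(r"^R?(\d+(?:\.\d+)?J?)(?:\s+SP(\d+))?(?:\s+CR(\d+(?:\.\d+)*))?$")


def parse_level(version):
    """Turn 'R12.0J SP3 CR1.2' into ('12.0J', (3, (1, 2))).

    A missing SP or CR counts as 0, so a base release compares lower than
    any cumulative release on top of it. Dotted CR numbers become tuples so
    that CR1 < CR1.2 < CR2 holds.
    """
    m = _VER.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised web agent version: {version!r}")
    release, sp, cr = m.groups()
    cr_tuple = tuple(int(p) for p in cr.split(".")) if cr else (0,)
    return release, (int(sp or 0), cr_tuple)


def assess(version, domino=False):
    """Return (cve, status, required_fix) for one installed web agent.

    status is 'fixed', 'vulnerable', 'not affected' or 'unknown'.
    """
    release, level = parse_level(version)
    cve = "CVE-2015-6853" if domino else "CVE-2015-6854"
    table = DOMINO_FIX if domino else OTHER_FIX
    if release == "6":  # R6 agents have no CR fix; the advisory says move to a fixed R12.x agent
        return cve, "vulnerable", "upgrade to a fixed R12.x web agent level"
    if release not in table:
        return cve, "unknown", "release not covered by this advisory"
    fix = table[release]
    if fix is None:
        return cve, "not affected", None
    _, fix_level = parse_level(f"R{release} {fix}")
    status = "fixed" if level >= fix_level else "vulnerable"
    return cve, status, f"R{release} {fix}"


if __name__ == "__main__":
    # Constructed sample inventory: (installed level, is it the Domino agent?)
    for ver, dom in [("R12.52 SP1 CR2", True), ("R12.52 SP1 CR2", False),
                     ("R12.0J SP3 CR1", False), ("R12.5 CR5", True), ("R6", False)]:
        print(ver, "Domino" if dom else "non-Domino", "->", assess(ver, dom))
```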

References

CVE-2015-6853 - Single Sign-On Domino web agent denial of service,
information disclosure
CVE-2015-6854 - Single Sign-On web agent (non-Domino) denial of
service, information disclosure

Acknowledgement

CVE-2015-6853, CVE-2015-6854 - Michael Brooks of BishopFox

Change History

Version 1.0: Initial Release

If additional information is required, please contact CA Technologies
Support at https://support.ca.com/

If you discover a vulnerability in CA Technologies products, please
report your findings to the CA Technologies Product Vulnerability
Response Team at vuln@ca.com

Security Notices and PGP key
https://support.ca.com/irj/portal/anonymous/phpsbpldgpg
www.ca.com/us/support/ca-support-online/documents.aspx?id=177782

Regards,

Kevin Kotas
Vulnerability Response Director
CA Technologies Product Vulnerability Response Team

Copyright (c) 2016 CA. All Rights Reserved. One CA Plaza, Islandia,
N.Y. 11749. All other trademarks, trade names, service marks, and
logos referenced herein belong to their respective companies.
