ESB-2018.1347 - [Win][RedHat][Solaris] CA Spectrum: Denial of service - Remote/unauthenticated 2018-05-03



===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2018.1347
                      Security update for CA Spectrum
                                3 May 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           CA Spectrum
Publisher:         CA Technologies
Operating System:  Windows
                   Red Hat
                   Solaris
Impact/Access:     Denial of Service -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-6589  

Original Bulletin: 
   https://support.ca.com/us/product-content/recommended-reading/security-notices/ca20180501-01--security-notice-for-ca-spectrum.html

--------------------------BEGIN INCLUDED TEXT--------------------


CA20180501-01: Security Notice for CA Spectrum

Issued: May 1st, 2018
Last Updated: May 1st, 2018

CA Technologies Support is alerting customers to a potential risk
with CA Spectrum. A vulnerability exists that can allow an
unauthenticated remote attacker to cause a denial of service. CA has
solutions to resolve the vulnerability.

The vulnerability, CVE-2018-6589, occurs due to how a Spectrum
network service handles invalid data. A remote attacker can send a
request that may disrupt a Spectrum service and potentially cause
further product instability.

Risk Rating

CVE Identifier      Risk Rating
CVE-2018-6589       High

Platform(s)

All

Affected Products

CA Spectrum 10.1.x
CA Spectrum 10.2.x

Unaffected Products

CA Spectrum 10.2.3

How to determine if the installation is affected

Use one of the following methods to find the CA Spectrum product version:
1. CA OneClick Console: Click on Help -> About
2. Open the Spectrum Console Panel on the SpectroServer and click on
Help -> About
3. On SpectroServer: Go to the Spectrum install directory, open the
.installrc file and find the "VERSION"
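Method 3 above lends itself to scripting across many SpectroServers. The following checker is an added example, not part of the CA notice or of the product: it assumes .installrc carries a `VERSION=<value>` line (the notice does not show the file's layout), and it maps the version onto the affected and unaffected ranges listed in this notice. The 10.1.x PTF cannot be inferred from the version string alone, so 10.1.x hosts are flagged for a manual PTF check.

```python
import re
import sys

# Constructed sample of a .installrc file; the real file's layout is not
# shown in the notice, so a plain KEY=VALUE form is an assumption.
SAMPLE_INSTALLRC = """\
# constructed sample, not a real CA Spectrum .installrc
INSTALL_DIR=/opt/spectrum
VERSION=10.2.1
"""

def parse_version(installrc_text):
    """Return the VERSION value from .installrc text, or None if absent."""
    for line in installrc_text.splitlines():
        m = re.match(r'\s*VERSION\s*=\s*"?([0-9][0-9.]*)"?\s*$', line)
        if m:
            return m.group(1)
    return None

def version_tuple(version):
    """'10.2.1' -> (10, 2, 1); empty components (trailing dots) are skipped."""
    return tuple(int(p) for p in version.split(".") if p)

def assess(version):
    """Map a CA Spectrum version onto the CA20180501-01 status for CVE-2018-6589."""
    if version is None:
        return "unknown: VERSION not found in .installrc"
    v = version_tuple(version)
    if v[:2] == (10, 1):
        # 10.1.x is affected unless the PTF from the notice has been applied;
        # the VERSION string does not reveal that, so ask for a manual check.
        return "affected (10.1.x): confirm 10.01.02.PTF_10.1.239 is applied"
    if v[:2] == (10, 2):
        if v >= (10, 2, 3):
            return "unaffected (10.2.3 or later)"
        return "affected (10.2.x): update to CA Spectrum 10.2.3"
    return "not listed in CA20180501-01"

if __name__ == "__main__":
    # Pass the path to .installrc as the first argument; otherwise the
    # constructed sample is used.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_INSTALLRC
    ver = parse_version(text)
    print(f"CA Spectrum {ver}: {assess(ver)}")
```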

Solution

CA Technologies published the following solutions to resolve the
vulnerability.

CA Spectrum 10.1.x:
Apply 10.01.02.PTF_10.1.239

CA Spectrum 10.2.x:
Update to CA Spectrum 10.2.3

References

CVE-2018-6589 - CA Spectrum Denial of Service

Acknowledgement

CVE-2018-6589 - Francesco Scibetta

Change History

Version 1.0: Initial Release

Customers who require additional information about this notice may
contact CA Technologies Support at https://support.ca.com/

To report a suspected vulnerability in a CA Technologies product,
please send a summary to CA Technologies Product Vulnerability
Response at vuln <AT> ca.com

Security Notices and PGP key
support.ca.com/irj/portal/anonymous/phpsbpldgpg
www.ca.com/us/support/ca-support-online/documents.aspx?id=177782

Regards,

Kevin Kotas
Vulnerability Response Director
CA Technologies Product Vulnerability Response

Copyright (c) 2018 CA. 520 Madison Avenue, 22nd Floor, New York, NY
10022.  All other trademarks, trade names, service marks, and logos
referenced herein belong to their respective companies.


--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
