Title: [CAID 35754]: CA Host-Based Intrusion Prevention System
(CA HIPS) Server Vulnerability
CA Vuln ID (CAID): 35754
CA Advisory Date: 2007-10-18
Reported By: David Maciejak
Impact: A remote attacker can take unauthorized administrative
action.
Summary: CA Host-Based Intrusion Prevention System (CA HIPS)
contains a vulnerability in the Server installation that can allow
a remote attacker to take unauthorized administrative action. The
vulnerability, CVE-2007-5472, occurs due to raw request data being
displayed in the log when viewed by a browser. Note: The client
installation is not vulnerable.
Mitigating Factors: The client installation is not vulnerable.
Severity: CA has given these vulnerabilities a maximum risk rating
of Medium.
Affected Products:
CA Host-Based Intrusion Prevention System (CA HIPS) r8
Affected Platforms:
Windows
Status and Recommendation:
CA has issued the following patch to address the vulnerabilities.
CA Host-Based Intrusion Prevention System (CA HIPS) r8: QO91494
How to determine if you are affected:
Workaround: None
References (URLs may wrap):
CA SupportConnect:
http://supportconnect.ca.com/
Security Notice for CA Host-Based Intrusion Prevention System
(CA HIPS) Server
http://supportconnectw.ca.com/public/cahips/infodocs/cahips-secnotice.asp
Solution Document Reference APARs:
QO91494
CA Security Advisor posting:
CA Host-Based Intrusion Prevention System (CA HIPS) Server
Vulnerability
http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=158327
CA Vuln ID (CAID): 35754
http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35754
Reported By:
David Maciejak
CVE References:
CVE-2007-5472 - log content injection
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5472
OSVDB References: Pending
http://osvdb.org/
Changelog for this advisory:
v1.0 - Initial Release
Customers who require additional information should contact CA
Technical Support at http://supportconnect.ca.com.
For technical questions or comments related to this advisory,
please send email to vuln AT ca DOT com.
If you discover a vulnerability in CA products, please report your
findings to vuln AT ca DOT com, or utilize our "Submit a
Vulnerability" form.
URL: http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx
Regards,
Ken Williams ; 0xE2941985
Director, CA Vulnerability Research
CA, 1 CA Plaza, Islandia, NY 11749
Contact http://www.ca.com/us/contact/
Legal Notice http://www.ca.com/us/legal/
Privacy Policy http://www.ca.com/us/privacy/
Copyright (c) 2007 CA. All rights reserved.