Flaw warnings from CA and Cisco
Computer Associates has warned of two flaws that could allow attackers to execute malicious
code or commands on enterprise systems, as well as a third, less
serious bug that could allow an attacker to crash a system.
The bugs affect CA Message Queuing (CAM), a component found in a large number
of CA applications. Affected products include Advantage Data Transport, BrightStor
Portal, CleverPath, eTrust Admin, and Unicenter.
CA published patches for CAM v1.11 prior to build 29_13, CAM v1.07 prior to
build 220_13, and all versions of CAM v1.05. Links to the patches can be found
on CA's Web site. The most serious bug is a buffer overflow condition in
the CA Message Queuing Server that can be exploited remotely to run arbitrary
code with system privileges.
Meanwhile, Cisco Systems has warned of a security flaw affecting two of its
widely-used security systems. The flaw, involving SSL, affects CiscoWorks Management
Center for IDS Sensors, known as IDSMC, and a related product, Monitoring Center
for Security, also called Security Monitor or Secmon.
In an advisory, Cisco said that an attacker could use the bug to pretend to
be a legitimate Cisco IDS or Intrusion Prevention System.
"If exploited, the attacker may be able to gather log-in credentials, submit
false data to IDSMC and Secmon, or filter legitimate data from IDSMC and Secmon,
thus impacting the integrity of the device and its reporting capabilities," Cisco
stated. Filtering could be used, for instance, to keep the security products
from detecting an attack. Cisco has offered patching instructions for the flaws
in its advisories.