Security Advisories

January 10, 2012 - Multiple Sun ONE Directory Server vulnerabilities in PolicyCenter

Security Advisories ID:    SA64
Version:    4.0
Status:    Published
Published date:    11/14/2011
Updated:    01/17/2012
 

Advisory Status

Final

Advisory Severity

Medium, CVSS v2 base score: 6.1 (AV:A/AC:L/Au:N/C:N/I:N/A:C)

CVE Number

CVE-2009-1332 - CVSS base score: 3.3 (AV:A/AC:L/Au:N/C:P/I:N/A:N)
CVE-2009-0576 - CVSS base score: 6.1 (AV:A/AC:L/Au:N/C:N/I:N/A:C)
CVE-2007-3225 - CVSS base score: 4.8 (AV:A/AC:L/Au:N/C:P/I:P/A:N)
CVE-2007-3224 - CVSS base score: 3.3 (AV:A/AC:L/Au:N/C:P/I:N/A:N)
CVE-2007-2466 - CVSS base score: 6.1 (AV:A/AC:L/Au:N/C:N/I:N/A:C)
CVE-2006-4175 - CVSS base score: 6.1 (AV:A/AC:L/Au:N/C:N/I:N/A:C)
CVE-2006-3127 - CVSS base score: 6.1 (AV:A/AC:L/Au:N/C:N/I:N/A:C)
CVE-2006-2513 - CVSS base score: 5.8 (AV:A/AC:L/Au:N/C:P/I:P/A:P)

Summary

PolicyCenter installs and uses a version of Sun Directory Server (5.2) that has a number of publicly documented vulnerabilities. The most severe vulnerabilities allow a remote attacker to mount a denial of service attack.

Affected Products

All versions of PolicyCenter prior to 8.7.2 are vulnerable. PolicyCenter 8.7.2 and higher continue to be vulnerable when used with Sun ONE Directory Server 5.2.

Details

PolicyCenter installs and uses Sun ONE Directory Server 5.2. This version of the Sun ONE Directory Server has a number of publicly documented vulnerabilities.

The most severe vulnerabilities allow a remote attacker to mount a denial of service attack. Others allow a remote attacker to gain read and write access to specific data stored or managed by the Directory Server. This data may include PolicyCenter configuration data.

When PolicyCenter is deployed behind a firewall, as is recommended, an attacker must gain access from the internal network in order to mount an attack. The CVSS base scores included in this advisory are based on this deployment scenario.

If PolicyCenter is deployed outside of the firewall, the CVSS base score for all CVEs listed would be higher. The CVSS base score for this security advisory would be a 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C).

PolicyCenter 8.7.2 contains an upgrade to Sun Directory Server version 7.0 that fixes all the CVEs documented in this Security Advisory. Note that Sun Directory Server 7.0 must be installed on Windows Server 2008. When installing PolicyCenter 8.7.2 on a Windows 2000 or 2003 server, Sun Directory Server 5.2 is installed and will still have the security vulnerabilities listed in this advisory.

Note that Sun ONE Directory Server 7.0 does not address CVE-2010-0708. A fix for this vulnerability has not been published. PolicyCenter continues to be vulnerable to CVE-2010-0708.

Workarounds

Blue Coat recommends that PolicyCenter be deployed behind a firewall. Additional constraints on what IP addresses can be used to connect to PolicyCenter will greatly limit the ability to attack a PolicyCenter installation.

Patches

PolicyCenter 8.7 - a fix is available in 8.7.2. The fix is available to customers with a valid BlueTouch Online login from https://bto.bluecoat.com/download/product/34. PolicyCenter 8.7.2 must be installed on Windows Server 2008 in order to use Sun Directory Server 7.0.

PolicyCenter 8.6 and earlier - please upgrade to a later release. These versions of PolicyCenter cannot be installed on Windows Server 2008 and therefore cannot use Sun Directory Server 7.0.

Advisory History

2012-01-17 Changed status to final
2012-01-16 Removed PacketWise as an OS search criterion.
2012-01-10 Initial public release
