×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')
BMC Server Automation 8.2 ... Release notes and notices Flashes

Notification of Windows RSCD Agent vulnerability in BMC Server Automation, CVE-2016-5063

BMC Software is alerting users to a security problem in the RSCD agent on Microsoft Windows platforms for all versions of BMC Server Automation, up to and including version 8.7 Patch 2, as well as in any BMC solution that includes this technology.

The issue is fixed in version 8.7 Patch 3 and in version 8.8.

This topic includes the following sections:

Problem

Assigned CVE-ID: CVE-2016-5063

A security authentication vulnerability involving a Windows RSCD Agent authorization bypass flaw has been identified. 

The issue exists when the exports file allows a remote system to connect to the Windows RSCD agent, and the users file does not properly enforce access restriction. A Remote Procedure Call (RPC) can be executed in this case when it should be denied by the users file access restriction.

A typical example would be an exports file that provides * rw access to a server, and a users file with the nouser option specified. In this example:

  • The exports file allows the remote host to connect to the agent
  • The users file would deny access to the server if it did not contain a match in users or users.local
  • Then, the nouser entry in users would block further access from the remote host.

This issue does not exist on Unix RSCD agents.

BMC strongly recommends that customers take corrective action as soon as possible, either by following the workaround or by upgrading to version 8.7 P3 or version 8.8.

Note

The issue is fixed in BMC Server Automation version 8.7 P3, and also in version 8.8.

In this specific case, the agents upgraded to version 8.7 Patch 3 are qualified to work with the version 8.7 Patch 2 Application Server.

Mitigation

The exports file should be altered to only accept connections from authorized systems - such as the BladeLogic Server Automation Appliation Servers, Repeaters, and SOCKS Proxies.

Solution

Update the RSCD Agent on the affected systems to 8.7 P3 or 8.8 (whichever version is qualified to work with your Application Server).

Frequently Asked Questions

 No, this only applies to Windows RSCD agents.

Any Windows RSCD agents before 8.7.00 Patch3 or 8.8.00

 

Where to go for additional information

If you have any questions about the issue, contact BMC Customer Support at 800 5371813 (United States or Canada) or call your local support center.



Was this page helpful? Yes No Submitting... Thank you
Last modified by Fran Coughlin on Jun 16, 2016

Comments

Log in or register to comment.

Flashes
Notification of critical security issue in BMC Server Automation, CVE-2016-1542, CVE-2016-1543
© Copyright 2017 BMC Software, Inc. © Copyright 2017 BladeLogic, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.