Multiple Sun ONE Directory Server vulnerabilities in PolicyCenter

Security Advisories ID: SA64
Published Date: January 10, 2012
Advisory Status: Final
Advisory Severity: Medium
CVSS v2 base score: 6.1 (AV:A/AC:L/Au:N/C:N/I:N/A:C)
CVE Number: 
CVE-2009-1332 - CVSS base score: 3.3 (AV:A/AC:L/Au:N/C:P/I:N/A:N)
CVE-2009-0576 - CVSS base score: 6.1 (AV:A/AC:L/Au:N/C:N/I:N/A:C)
CVE-2007-3225 - CVSS base score: 4.8 (AV:A/AC:L/Au:N/C:P/I:P/A:N)
CVE-2007-3224 - CVSS base score: 3.3 (AV:A/AC:L/Au:N/C:P/I:N/A:N)
CVE-2007-2466 - CVSS base score: 6.1 (AV:A/AC:L/Au:N/C:N/I:N/A:C)
CVE-2006-4175 - CVSS base score: 6.1 (AV:A/AC:L/Au:N/C:N/I:N/A:C)
CVE-2006-3127 - CVSS base score: 6.1 (AV:A/AC:L/Au:N/C:N/I:N/A:C)
CVE-2006-2513 - CVSS base score: 5.8 (AV:A/AC:L/Au:N/C:P/I:P/A:P)

PolicyCenter installs and uses a version of Sun Directory Server (5.2) that has a number of publicly documented vulnerabilities. The most severe vulnerabilities allow a remote attacker to mount a denial of service attack.

Affected Products: 

All versions of PolicyCenter prior to 8.7.2 are vulnerable. PolicyCenter 8.7.2 and higher continue to be vulnerable when used with Sun ONE Directory Server 5.2.

Advisory Details: 

PolicyCenter installs and uses Sun ONE Directory Server 5.2. This version of the Sun ONE Directory Server has a number of publicly documented vulnerabilities.

The most severe vulnerabilities allow a remote attacker to mount a denial of service attack. Others allow a remote attacker to gain read and write access to specific data stored or managed by the Directory Server. This data may include PolicyCenter configuration data.

When PolicyCenter is deployed behind a firewall, as is recommended, an attacker must gain access from the internal network in order to mount an attack. The CVSS base scores included in this advisory are based on this deployment scenario.

If PolicyCenter is deployed outside of the firewall, the CVSS base score for all CVEs listed would be higher. The CVSS base score for this security advisory would be 7.8 (AV:N/AC:L/Au:N/C:N/I:N/A:C).

PolicyCenter 8.7.2 contains an upgrade to Sun Directory Server version 7.0 that fixes all the CVEs documented in this Security Advisory. Note that Sun Directory Server 7.0 must be installed on Windows Server 2008. When installing PolicyCenter 8.7.2 on a Windows 2000 or 2003 server, Sun Directory Server 5.2 is installed and will still have the security vulnerabilities listed in this advisory.

Note that Sun ONE Directory Server 7.0 does not address CVE-2010-0708. A fix for this vulnerability has not been published. PolicyCenter continues to be vulnerable to CVE-2010-0708.

Workarounds: 

Blue Coat recommends that PolicyCenter be deployed behind a firewall. Additional constraints on what IP addresses can be used to connect to PolicyCenter will greatly limit the ability to attack a PolicyCenter installation.

Patches: 

PolicyCenter 8.7 - a fix is available in 8.7.2. The fix is available to customers with a valid BlueTouch Online login from https://bto.bluecoat.com/download/product/34. PolicyCenter 8.7.2 must be installed on Windows Server 2008 in order to use Sun Directory Server 7.0.

PolicyCenter 8.6 and earlier - please upgrade to a later release. These versions of PolicyCenter cannot be installed on Windows Server 2008 and therefore cannot use Sun Directory Server 7.0.

Advisory History: 

2012-01-17 Changed status to final
2012-01-16 Removed PacketWise as an OS search criterion.
2012-01-10 Initial public release
