Computer Associates (CA) Message Queuing Security Notice

The CA Customer Support team has recently become aware of several vulnerability issues in the CA Message Queuing (CAM / CAFT) software:


- The CAM TCP port is potentially vulnerable to a Denial of Service (DoS) attack.
- Buffer overflow conditions can potentially allow arbitrary code to be executed remotely with elevated privileges.
- Potential to launch a spoof CAFT and allow arbitrary commands to be executed with elevated privileges.


CA has made patches available for all affected users.


This affects all versions of the CA Message Queuing software prior to v1.07 Build 220_13 and v1.11 Build 29_13 on the specified platforms.


Affected products:


Unicenter Performance Management for OpenVMS r2.4 SP3
AdviseIT 2.4
Advantage™ Data Transport 3.0
BrightStor® SAN Manager 1.1, 1.1 SP1, 1.1 SP2, 11.1
BrightStor® Portal 11.1
CleverPath™ OLAP 5.1
CleverPath™ ECM 3.5
CleverPath™ Predictive Analysis Server 2.0, 3.0
CleverPath™ Aion 10.0
eTrust™ Admin 2.01, 2.04, 2.07, 2.09, 8.0, 8.1
Unicenter® Application Performance Monitor 3.0, 3.5
Unicenter® Asset Management 3.1, 3.2, 3.2 SP1, 3.2 SP2, 4.0, 4.0 SP1
Unicenter® Data Transport Option 2.0
Unicenter® Enterprise Job Manager 1.0 SP1, 1.0 SP2
Unicenter® Jasmine 3.0
Unicenter® Management for WebSphere MQ 3.5
Unicenter® Management for Microsoft Exchange 4.0, 4.1
Unicenter® Management for Lotus Notes/Domino 4.0
Unicenter® Management for Web Servers 5, 5.0.1
Unicenter® NSM 3.0, 3.1
Unicenter® NSM Wireless Network Management Option 3.0
Unicenter® Remote Control 6.0, 6.0 SP1
Unicenter® Service Level Management 3.0, 3.0.1, 3.0.2, 3.5
Unicenter® Software Delivery 3.0, 3.1, 3.1 SP1, 3.1 SP2, 4.0, 4.0 SP1
Unicenter® TNG 2.1, 2.2, 2.4, 2.4.2
Unicenter® TNG JPN 2.2


Affected platforms:


AIX, DG Intel, DG Motorola, DYNIX, OSF1, HP-UX, IRIX, Linux Intel, Linux s/390, Solaris Intel, Solaris Sparc, UnixWare, Windows, Apple Mac, AS/400, MVS, NetWare, OS/2 and OpenVMS.


For more details and solutions, please visit SupportConnect of CA

Leave a Reply