OSVDB ID: 22529

Title: CA Multiple Products Crafted Traffic DM Primer DoS

Info

Disclosure
Jan 17, 2006

Discovery
Dec 20, 2005

Dates

Exploit
Jan 17, 2006

Solution
Unknown

Description

 Multiple Computer Associates products that use DM Primer contain a flaw that may allow a remote denial of service. The issue is triggered when a UDP packet of larger than 1000h is intercepted, and recvfrom triggers an error which returns a -1 value, which will result in loss of availability of the Remote Control service.

Classification

 Location: Remote / Network Access
Attack Type: Denial of Service
Impact: Loss of Availability
Exploit: Exploit Public
Disclosure: OSVDB Verified

Solution

 The vendor recommends uninstalling the DM Primer service as it is only utilized for the initial installation of the products.

Products

Computer Associates International, Inc.

BrightStor ARCServe Backup for Laptops & Desktops

 11.x

Business Protection Suite for Microsoft Small Business Server

 Premium Edition r2
Standard Edition r2

Business Protection Suite for Midsize Business for Windows

 r2

Business Protection Suite

 r2

Desktop Protection Suite

 r2

Server Protection Suite

 r2

Unicenter Remote Control

 6.x

References

Credit
  • Cengiz Aykanat -


Direct URL: http://osvdb.org/22529