Vulnerability CVE-2006-0306


Published: 2006-01-18   Modified: 2012-02-12

Description:
The DM Primer (dmprimer.exe) in the DM Deployment Common Component in Computer Associates (CA) BrightStor Mobile Backup r4.0, BrightStor ARCserve Backup for Laptops & Desktops r11.0, r11.1, r11.1 SP1, Unicenter Remote Control 6.0, 6.0 SP1, CA Desktop Protection Suite r2, CA Server Protection Suite r2, and CA Business Protection Suite r2 allows remote attackers to cause a denial of service (CPU consumption or application hang) via a large network packet, which causes a WSAEMESGSIZE error code that is not handled, leading to a thread exit.

Type:

CWE-399

(Resource Management Errors)

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial
Affected software
CA -> Brightstor arcserve backup laptops desktops 
CA -> Brightstor mobile backup 
CA -> Business protection suite 
CA -> Desktop protection suite 
CA -> Server protection suite 
CA -> Unicenter remote control 

 References:
http://securitytracker.com/id?1015504
http://supportconnectw.ca.com/public/ca_common_docs/dmdeploysecurity_notice.asp
http://www.designfolks.com.au/karma/DMPrimer/
http://www.securityfocus.com/archive/1/422381/100/0/threaded
http://www.securityfocus.com/bid/16276
http://www.vupen.com/english/advisories/2006/0236
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33756

Copyright 2024, cxsecurity.com

 

Back to Top