Vulnerabilities > CVE-2006-0306 - Resource Management Errors vulnerability in multiple products

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
ca
broadcom
CWE-399
nessus
exploit available
NVD
Published: 2006-01-19
Updated: 2024-02-14

Summary

The DM Primer (dmprimer.exe) in the DM Deployment Common Component in Computer Associates (CA) BrightStor Mobile Backup r4.0, BrightStor ARCserve Backup for Laptops & Desktops r11.0, r11.1, r11.1 SP1, Unicenter Remote Control 6.0, 6.0 SP1, CA Desktop Protection Suite r2, CA Server Protection Suite r2, and CA Business Protection Suite r2 allows remote attackers to cause a denial of service (CPU consumption or application hang) via a large network packet, which causes a WSAEMESGSIZE error code that is not handled, leading to a thread exit.

Vulnerable Configurations

Part Description Count
Application
Ca
6
Application
Broadcom
10

Common Weakness Enumeration (CWE)

Exploit-Db

descriptionComputer Associates Unicenter 6.0 Remote Control DM Primer Remote Denial of Service Vulnerability. CVE-2006-0306. Dos exploit for windows platform
idEDB-ID:27101
last seen2016-02-03
modified2006-01-17
published2006-01-17
reporterKarma
sourcehttps://www.exploit-db.com/download/27101/
titleComputer Associates Unicenter 6.0 - Remote Control DM Primer Remote Denial of Service Vulnerability

Nessus

NASL familyWindows
NASL idDMPRIMER_DOS.NASL
descriptionThe remote version of DMPrimer service (CA DM Deployment Common Component) is vulnerable to multiple Denial of Service attacks. An attacker can crash or may cause a high CPU utilization by sending a specially crafted UDP packets.
last seen2020-06-01
modified2020-06-02
plugin id20746
published2006-01-19
reporterThis script is Copyright (C) 2006-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/20746
titleCA DM Deployment Common Component Multiple DoS
code
#
# (C) Tenable Network Security, Inc.
#


include("compat.inc");

if(description)
{
 script_id(20746);
 script_version("1.19");

 script_cve_id("CVE-2006-0306", "CVE-2006-0307");
 script_bugtraq_id(16276);

 script_name(english:"CA DM Deployment Common Component Multiple DoS");

 script_set_attribute(attribute:"synopsis", value:
"It is possible to cause a denial of service against the remote
service." );
 script_set_attribute(attribute:"description", value:
"The remote version of DMPrimer service (CA DM Deployment 
Common Component) is vulnerable to multiple Denial
of Service attacks.
An attacker can crash or may cause a high CPU utilization by
sending a specially crafted UDP packets." );
 script_set_attribute(attribute:"see_also", value:"http://supportconnectw.ca.com/public/ca_common_docs/dmdeploysecurity_notice.asp" );
 script_set_attribute(attribute:"solution", value:
"Disable the DMPrimer service." );
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
 script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"true");

 script_set_attribute(attribute:"plugin_publication_date", value: "2006/01/19");
 script_set_attribute(attribute:"vuln_publication_date", value: "2006/01/17");
 script_cvs_date("Date: 2018/07/10 14:27:33");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_end_attributes();

 script_summary(english:"Determines the version of the remote DMPrimer service");
 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.");
 script_family(english:"Windows");
 script_dependencies("dmprimer_detect.nasl");
 script_require_keys("CA/DMPrimer");
 script_require_ports(5727);
 exit(0);
}

#

version = get_kb_item ("CA/DMPrimer");

if (!isnull (version) &&
    ( (version == "1.4.154") || (version == "1.4.155") ) )
  security_warning(port:5727, proto:"udp");

References