Vulnerabilities > CVE-2006-0307 - Resource Management Errors vulnerability in multiple products

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
ca
broadcom
CWE-399
nessus
NVD
Published: 2006-01-19
Updated: 2024-11-21

Summary

The DM Primer in the DM Deployment Common Component in Computer Associates (CA) BrightStor Mobile Backup r4.0, BrightStor ARCserve Backup for Laptops & Desktops r11.0, r11.1, r11.1 SP1, Unicenter Remote Control 6.0, 6.0 SP1, CA Desktop Protection Suite r2, CA Server Protection Suite r2, and CA Business Protection Suite r2 allows remote attackers to cause a denial of service (CPU consumption and log file consumption) via unspecified "unrecognized network messages" that are not properly handled.

Vulnerable Configurations

Part Description Count
Application
Ca
6
Application
Broadcom
10

Common Weakness Enumeration (CWE)

Nessus

NASL familyWindows
NASL idDMPRIMER_DOS.NASL
descriptionThe remote version of DMPrimer service (CA DM Deployment Common Component) is vulnerable to multiple Denial of Service attacks. An attacker can crash or may cause a high CPU utilization by sending a specially crafted UDP packets.
last seen2020-06-01
modified2020-06-02
plugin id20746
published2006-01-19
reporterThis script is Copyright (C) 2006-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/20746
titleCA DM Deployment Common Component Multiple DoS
code
#
# (C) Tenable Network Security, Inc.
#


include("compat.inc");

if(description)
{
 script_id(20746);
 script_version("1.19");

 script_cve_id("CVE-2006-0306", "CVE-2006-0307");
 script_bugtraq_id(16276);

 script_name(english:"CA DM Deployment Common Component Multiple DoS");

 script_set_attribute(attribute:"synopsis", value:
"It is possible to cause a denial of service against the remote
service." );
 script_set_attribute(attribute:"description", value:
"The remote version of DMPrimer service (CA DM Deployment 
Common Component) is vulnerable to multiple Denial
of Service attacks.
An attacker can crash or may cause a high CPU utilization by
sending a specially crafted UDP packets." );
 script_set_attribute(attribute:"see_also", value:"http://supportconnectw.ca.com/public/ca_common_docs/dmdeploysecurity_notice.asp" );
 script_set_attribute(attribute:"solution", value:
"Disable the DMPrimer service." );
 script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
 script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"true");

 script_set_attribute(attribute:"plugin_publication_date", value: "2006/01/19");
 script_set_attribute(attribute:"vuln_publication_date", value: "2006/01/17");
 script_cvs_date("Date: 2018/07/10 14:27:33");
script_set_attribute(attribute:"plugin_type", value:"remote");
script_end_attributes();

 script_summary(english:"Determines the version of the remote DMPrimer service");
 script_category(ACT_GATHER_INFO);
 script_copyright(english:"This script is Copyright (C) 2006-2018 Tenable Network Security, Inc.");
 script_family(english:"Windows");
 script_dependencies("dmprimer_detect.nasl");
 script_require_keys("CA/DMPrimer");
 script_require_ports(5727);
 exit(0);
}

#

version = get_kb_item ("CA/DMPrimer");

if (!isnull (version) &&
    ( (version == "1.4.154") || (version == "1.4.155") ) )
  security_warning(port:5727, proto:"udp");

References