CERTA-2006-AVI-042
Vulnerability from certfr_avis

Des failles dans le service DMPrimer peut être exploitée pour bloquer ce service voire consommer toutes les ressources du processeur de l'hôte et saturer le disque avec un fichier journal démesuré.

Contournement provisoire

Désinstaller le service qui n'a d'utilité que lors de la phase initiale de l'installation.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Microsoft Windows avec les produits Computer Associates suivants :

  • BrightStor Mobile Backup r4.0 ;
  • BrightStor ARCServe Backup for Laptops and Desktops r11.x ;
  • CA Business Protection Suite for Microsoft Small Business Standard/Premium Edition r2 ;
  • CA Business Protection Suite for Midsize Business for Windows r2;
  • CA Business/Desktop/Server Protection Suite r2 ;
  • CA Unicenter Remote Centrol 6.x.
Impacted products
Vendor Product Description
References

Show details on source website

To clipboard 

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eMicrosoft Windows avec les produits \u003cTT\u003eComputer  Associates\u003c/TT\u003e suivants :\u003c/P\u003e  \u003cUL\u003e    \u003cLI\u003eBrightStor Mobile Backup r4.0 ;\u003c/LI\u003e    \u003cLI\u003eBrightStor ARCServe Backup for Laptops and Desktops r11.x    ;\u003c/LI\u003e    \u003cLI\u003eCA Business Protection Suite for Microsoft Small Business    Standard/Premium Edition r2 ;\u003c/LI\u003e    \u003cLI\u003eCA Business Protection Suite for Midsize Business for    Windows r2;\u003c/LI\u003e    \u003cLI\u003eCA Business/Desktop/Server Protection Suite r2 ;\u003c/LI\u003e    \u003cLI\u003eCA Unicenter Remote Centrol 6.x.\u003c/LI\u003e  \u003c/UL\u003e",
  "content": "## Contournement provisoire\n\nD\u00e9sinstaller le service qui n\u0027a d\u0027utilit\u00e9 que lors de la phase initiale\nde l\u0027installation.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [],
  "initial_release_date": "2006-01-23T00:00:00",
  "last_revision_date": "2006-01-23T00:00:00",
  "links": [],
  "reference": "CERTA-2006-AVI-042",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2006-01-23T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    }
  ],
  "summary": "Des failles dans le service DMPrimer peut \u00eatre exploit\u00e9e pour bloquer ce\nservice voire consommer toutes les ressources du processeur de l\u0027h\u00f4te et\nsaturer le disque avec un fichier journal d\u00e9mesur\u00e9.\n",
  "title": "Vuln\u00e9rabilit\u00e9 d\u0027un composant DM Deployment de Computer Associates",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Computer Associates",
      "url": "http://supportconnectw.ca.com/public/ca_common_docs/dmdeploysecurity_notice.asp"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.