Multiple Computer Associates Products Bounds Checking Denial of Service Vulnerability
BID:50699
Info
Multiple Computer Associates Products Bounds Checking Denial of Service Vulnerability
| Bugtraq ID: | 50699 |
| Class: | Unknown |
| CVE: |
CVE-2011-3849 |
| Remote: | Yes |
| Local: | No |
| Published: | Nov 16 2011 12:00AM |
| Updated: | Nov 16 2011 12:00AM |
| Credit: | Kevin Kotas |
| Vulnerable: |
CA Embedded Entitlements Manager 8.4.409 (8.4 SP4 CR) CA Directory r12.0 SP7 CA Directory r12.0 SP6 CA Directory r12.0 SP6 CA Directory r12.0 SP5 CA Directory r12.0 sp4 CA Directory r12.0 SP3 CA Directory r12.0 SP2 CA Directory r12.0 sp1 CA Directory 8.1 |
| Not Vulnerable: |
CA Embedded Entitlements Manager R12 CA Directory r12 SP7 CR1 |
Discussion
Multiple Computer Associates Products Bounds Checking Denial of Service Vulnerability
Multiple Computer Associates products are prone to a remote denial-of-service vulnerability.
An attacker can exploit this issue by sending specially crafted SNMP packets to a device running the affected software. As a result, the device will crash, denying service to legitimate users.
Multiple Computer Associates products are prone to a remote denial-of-service vulnerability.
An attacker can exploit this issue by sending specially crafted SNMP packets to a device running the affected software. As a result, the device will crash, denying service to legitimate users.
Exploit / POC
Multiple Computer Associates Products Bounds Checking Denial of Service Vulnerability
Attackers can exploit this issue with readily available networking tools.
Attackers can exploit this issue with readily available networking tools.
Solution / Fix
Multiple Computer Associates Products Bounds Checking Denial of Service Vulnerability
Solution:
Updates are available; please see the references for more information.
Solution:
Updates are available; please see the references for more information.
References
Multiple Computer Associates Products Bounds Checking Denial of Service Vulnerability
References:
References:
- Computer Associates Homepage (Computer Associates)
- CA Directory Solutions & Patches (CA)
- CA20111116-01: Security Notice for CA Directory (CA)