EMC Data Protection Advisor NULL Pointer Dereference Denial of Service Vulnerability

Bugtraq ID:	52833
Class:	Boundary Condition Error
CVE:	CVE-2012-0406 CVE-2012-0407
Remote:	Yes
Local:	No
Published:	Mar 30 2012 12:00AM
Updated:	Mar 19 2015 08:32AM
Credit:	Luigi Auriemma
Vulnerable:	EMC RSA Data Protection Manager Software Server 3.2.1 EMC Data Protection Advisor Collector for Solaris SPARC 5.7.Build 5833 EMC Data Protection Advisor Collector for Solaris SPARC 5.7.1.Build 5833 EMC Data Protection Advisor Collector for Solaris SPARC 5.7.1 EMC Data Protection Advisor Collector for Solaris SPARC 5.7 EMC Data Protection Advisor 5.8.1 Build 5991 EMC Data Protection Advisor 5.8 EMC Data Protection Advisor 5.7.1
Not Vulnerable:

EMC Data Protection Advisor NULL Pointer Dereference Denial of Service Vulnerability

EMC Data Protection Advisor is prone to a denial-of-service vulnerability.

Attackers can exploit this issue to crash the application, denying service to legitimate users.

EMC Data Protection Advisor 5.8.1 Build 5991 is vulnerable; other versions may also be affected.

EMC Data Protection Advisor NULL Pointer Dereference Denial of Service Vulnerability

An exploit is available. Please see the references for information.

EMC Data Protection Advisor NULL Pointer Dereference Denial of Service Vulnerability

Solution:
Vendor updates are available. Please see the referenced vendor advisory for more information.

EMC Data Protection Advisor NULL Pointer Dereference Denial of Service Vulnerability

References:

• EMC Data Protection Advisor Homepage (EMC)
  
• EMC Data Protection Advisor vulnerability (Luigi Auriemma)
  
• EMC Data Protection Advisor Multiple Vulnerabilities (EMC)