lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Tue Jan 17 16:20:38 2006
From: karma at designfolks.com.au (Karma)
Subject: DM Primer error handling weakness & an old CAM BO
	revisited

Apologies for the poor grammer and formatting...

DM Primer is a shared service related to CA's Unicenter Remote Control. It 
is used in Enterprise environments to deploy URC6 from the URC v6.x 
Administration server. Dmprimer.exe listens on a client device for 
instructions from the server in a networked environment. DM Primer service 
may be installed as part of other CA products.
A larger than expected packet can be parsed remotely triggering an error 
handling routine. The routine fails to properly handle returned errors and
exits the thread leaving the DM Primer service in a non-responding state. 
The complete advisory is available at
http://www.designfolks.com.au/karma/DMPrimer/


cam.exe is process which belongs to CA Unicenter suite. It is used and 
shared by multiple CA products. The vendor has indicated that it affects 
multiple platforms.
A Buffer Overflow was also discovered in cam.exe.
This vulnerability is remotely exploitable which may result in remote code 
execution under the running system level context and complete compromise of 
the
hosts. Upon escalation, it was revealed that this bug was first discovered 
by CA's own Internal Audit Team in Aug 2005 and has already been fixed. H D 
Moore has
released a proof of concept for his Metasploit Project so credit where 
credit is due.
http://www.designfolks.com.au/karma/cam/

As a side note, I just wanted to point out the willingness of the CA 
Vulnerability Research Team at reviewing reported vulnerabilities and 
ensuring a patch is available for their clients.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ