SecurityvulnsSECURITYVULNS:DOC:11107[Full-disclosure] DM Primer error handling weakness & an old CAM BO revisited
Apologies for the poor grammer and formattingβ¦
DM Primer is a shared service related to CA's Unicenter Remote Control. It
is used in Enterprise environments to deploy URC6 from the URC v6.x
Administration server. Dmprimer.exe listens on a client device for
instructions from the server in a networked environment. DM Primer service
may be installed as part of other CA products.
A larger than expected packet can be parsed remotely triggering an error
handling routine. The routine fails to properly handle returned errors and
exits the thread leaving the DM Primer service in a non-responding state.
The complete advisory is available at
http://www.designfolks.com.au/karma/DMPrimer/
cam.exe is process which belongs to CA Unicenter suite. It is used and
shared by multiple CA products. The vendor has indicated that it affects
multiple platforms.
A Buffer Overflow was also discovered in cam.exe.
This vulnerability is remotely exploitable which may result in remote code
execution under the running system level context and complete compromise of
the
hosts. Upon escalation, it was revealed that this bug was first discovered
by CA's own Internal Audit Team in Aug 2005 and has already been fixed. H D
Moore has
released a proof of concept for his Metasploit Project so credit where
credit is due.
http://www.designfolks.com.au/karma/cam/
As a side note, I just wanted to point out the willingness of the CA
Vulnerability Research Team at reviewing reported vulnerabilities and
ensuring a patch is available for their clients.
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/