mailing list archives
DM Primer error handling weakness & an old CAM BO revisited
From: "Karma" <karma () designfolks com au>
Date: Wed, 18 Jan 2006 01:03:23 +1100
Apologies for the poor grammer and formatting...
DM Primer is a shared service related to CA's Unicenter Remote Control. It
is used in Enterprise environments to deploy URC6 from the URC v6.x
Administration server. Dmprimer.exe listens on a client device for
instructions from the server in a networked environment. DM Primer service
may be installed as part of other CA products.
A larger than expected packet can be parsed remotely triggering an error
handling routine. The routine fails to properly handle returned errors and
exits the thread leaving the DM Primer service in a non-responding state.
The complete advisory is available at
cam.exe is process which belongs to CA Unicenter suite. It is used and
shared by multiple CA products. The vendor has indicated that it affects
A Buffer Overflow was also discovered in cam.exe.
This vulnerability is remotely exploitable which may result in remote code
execution under the running system level context and complete compromise of
hosts. Upon escalation, it was revealed that this bug was first discovered
by CA's own Internal Audit Team in Aug 2005 and has already been fixed. H D
released a proof of concept for his Metasploit Project so credit where
credit is due.
As a side note, I just wanted to point out the willingness of the CA
Vulnerability Research Team at reviewing reported vulnerabilities and
ensuring a patch is available for their clients.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
- DM Primer error handling weakness & an old CAM BO revisited Karma (Jan 17)