Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

DM Primer error handling weakness & an old CAM BO revisited
From: "Karma" <karma () designfolks com au>
Date: Wed, 18 Jan 2006 01:03:23 +1100

Apologies for the poor grammer and formatting...

DM Primer is a shared service related to CA's Unicenter Remote Control. It is used in Enterprise environments to deploy URC6 from the URC v6.x Administration server. Dmprimer.exe listens on a client device for instructions from the server in a networked environment. DM Primer service may be installed as part of other CA products. A larger than expected packet can be parsed remotely triggering an error handling routine. The routine fails to properly handle returned errors and exits the thread leaving the DM Primer service in a non-responding state. The complete advisory is available at
http://www.designfolks.com.au/karma/DMPrimer/


cam.exe is process which belongs to CA Unicenter suite. It is used and shared by multiple CA products. The vendor has indicated that it affects multiple platforms.
A Buffer Overflow was also discovered in cam.exe.
This vulnerability is remotely exploitable which may result in remote code execution under the running system level context and complete compromise of the hosts. Upon escalation, it was revealed that this bug was first discovered by CA's own Internal Audit Team in Aug 2005 and has already been fixed. H D Moore has released a proof of concept for his Metasploit Project so credit where credit is due.
http://www.designfolks.com.au/karma/cam/

As a side note, I just wanted to point out the willingness of the CA Vulnerability Research Team at reviewing reported vulnerabilities and ensuring a patch is available for their clients.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
  • DM Primer error handling weakness & an old CAM BO revisited Karma (Jan 17)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]