EMC Data Protection Advisor Null Pointer Dereference and Infinite Loop Let Remote Users Deny Service
|
|
SecurityTracker Alert ID: 1026878 |
|
SecurityTracker URL: http://securitytracker.com/id/1026878
|
|
CVE Reference:
GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Mar 30 2012
|
Impact:
Denial of service via network
|
Exploit Included: Yes
|
Version(s): 5.8.1 and prior versions
|
Description:
A vulnerability was reported in EMC Data Protection Advisor. A remote user can cause denial of service conditions.
A remote user can send a specially crafted AUTHENTICATECONNECTION command to trigger a null pointer dereference and cause the target service to crash.
A remote user can also cause the system to enter an infinite loop.
The original advisory is available at:
http://aluigi.altervista.org/adv/dpa_1-adv.txt
|
Impact:
A remote user can cause the target service to crash or consume all CPU resources on the target system.
|
Solution:
No solution was available at the time of this entry.
|
Vendor URL: www.emc.com/ (Links to External Site)
|
Cause:
Access control error, State error
|
Underlying OS:
Linux (Any), UNIX (HP/UX), UNIX (Solaris - SunOS), Windows (Any)
|
|
Message History:
None.
|
Source Message Contents
|
Date: Fri, 30 Mar 2012 20:27:03 +0000
Subject: EMC Data Protection Advisor
|
http://aluigi.altervista.org/adv/dpa_1-adv.txt
|
|
