Detections
Analytics
CA eTrust Directory SNMP Packet Parsing Denial of Service
medium Nessus Plugin ID 57035
Language:
Synopsis
The remote directory server is affected by a denial of service vulnerability.Description
CA eTrust Directory, a directory service application, is installed on the remote host. Versions of CA eTrust Directory 8.1 and R12 earlier than service pack 7 CR1 are potentially affected by a denial of service vulnerability due to the way the application parses SNMP packets. A remote, unauthenticated attacker could exploit this flaw to crash the affected service.Solution
Upgrade to CA eTrust Directory R12 SP7 CR1 (build 6279) or later.See Also
http://www.nessus.org/u?845ff19e
https://www.securityfocus.com/archive/1/520547/100/0/threaded
Plugin Details
Severity: Medium
ID: 57035
File Name: ca_directory_server_r12_sp7.nasl
Version: 1.5
Type: remote
Family: Misc.
Published: 12/6/2011
Updated: 11/15/2018
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Low
Score: 3.6
CVSS v2
Risk Factor: Medium
Base Score: 5
Temporal Score: 3.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P
Vulnerability Information
CPE: cpe:/a:ca:etrust_directory
Exploit Ease: No known exploits are available
Patch Publication Date: 11/16/2011
Vulnerability Publication Date: 11/16/2011
Reference Information
CVE: CVE-2011-3849
BID: 50699