icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

CA eTrust Directory SNMP Packet Parsing Denial of Service

Medium

Synopsis

The remote directory service is vulnerable to a denial of service attack.

Description

The remote host is running CA eTrust Directory Server, a directory service application from CA.

Versions of CA eTrust Directory 8.1, and R12 earlier than service pack 7 CR1 are potentially affected by a denial of service vulnerability due to the way the application parses SNMP packets. A remote, unauthenticated attacker, exploiting this flaw, could crash the affected service.

Solution

Upgrade to CA eTrust Directory R12 SP7 CR1 or later.