SynopsisIt is possible to crash the remote messaging service.
DescriptionThe remote version of CA Message Queuing Service is vulnerable to two flaws that could lead to a denial of service :
- Improper handling of specially crafted TCP packets on port 4105 (CVE-2006-0529)
- Failure to handle spoofed UDP CAM requests (CVE-2006-0530)
SolutionCA has released a set of patches for CAM 1.05, 1.07 and 1.11.