CA Multiple Products Message Queuing Multiple Remote DoS
Medium Nessus Plugin ID 20840
SynopsisIt is possible to crash the remote messaging service.
DescriptionThe remote version of CA Message Queuing Service is vulnerable to two flaws that could lead to a denial of service :
- Improper handling of specially crafted TCP packets on port 4105 (CVE-2006-0529)
- Failure to handle spoofed UDP CAM requests (CVE-2006-0530)
SolutionCA has released a set of patches for CAM 1.05, 1.07 and 1.11.