Detections
Analytics

CA Multiple Products Message Queuing Multiple Remote DoS

medium Nessus Plugin ID 20840

Language:

Synopsis

It is possible to crash the remote messaging service.

Description

The remote version of CA Message Queuing Service is vulnerable to two flaws that could lead to a denial of service :

 - Improper handling of specially crafted TCP packets on port 4105 (CVE-2006-0529)

 - Failure to handle spoofed UDP CAM requests (CVE-2006-0530)

Solution

CA has released a set of patches for CAM 1.05, 1.07 and 1.11.

See Also

https://cxsecurity.com/issue/WLB-2006020014

Plugin Details

Severity: Medium

ID: 20840

File Name: cacam_dos.nasl

Version: 1.20

Type: remote

Published: 2/3/2006

Updated: 12/28/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS Score Source: CVE-2006-0529

CVSS v3

Risk Factor: Medium

Base Score: 4.1

Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L

Vulnerability Information

CPE: cpe:/a:ca:messaging

Required KB Items: CA/MessageQueuing

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 2/2/2006

Reference Information

CVE: CVE-2006-0529, CVE-2006-0530

BID: 16475