CVE-2012-0406
published 2012-04-20CVE-2012-0406: The DPA_Utilities.cProcessAuthenticationData function in EMC Data Protection Advisor (DPA) 5.5 through 5.8 SP1 allows remote attackers to cause a denial of…
PriorityP344high7.8CVSS 2.0
AVNACLAuNCNINAC
EXPLOIT
EPSS
8.65%
94.4th percentile
The DPA_Utilities.cProcessAuthenticationData function in EMC Data Protection Advisor (DPA) 5.5 through 5.8 SP1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an AUTHENTICATECONNECTION command that (1) lacks a password field or (2) has an empty password.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| emc | data_protection_advisor | — | — |
| emc | data_protection_advisor | — | — |
| emc | data_protection_advisor | — | — |
| emc | data_protection_advisor | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Bugzilla
CVE-2012-1100 JON: LDAP authentication allows any user access if bind credentials are bad
bugzilla·2012-03-05·CVSS 5.8
CVE-2012-1100 [MEDIUM] CVE-2012-1100 JON: LDAP authentication allows any user access if bind credentials are bad
CVE-2012-1100 JON: LDAP authentication allows any user access if bind credentials are bad
If JON is configured to use LDAP authentication, and the LDAP bind account credentials are invalid, any subsequent login attempt by a user created via LDAP will be successful with any arbitrary password.
Discussion:
This flaw affects JON 2.4.2 and JON 3.0.0.
---
This issue has been addressed in following products:
JBoss Operations Network 2.4.2
Via RHSA-2012:0396 https://rhn.redhat.com/errata/RHSA-2012-0396.html
---
This issue has been addressed in following products:
JBoss Operations Network 3.0.1
Via RHSA-2012:0406 https://rhn.redhat.com/errata/RHSA-2012-0406.html
Bugzilla
CVE-2012-0062 JON: Unapproved agents can hijack an approved agent's endpoint by using a null security token
bugzilla·2012-01-19·CVSS 5.8
CVE-2012-0062 [MEDIUM] CVE-2012-0062 JON: Unapproved agents can hijack an approved agent's endpoint by using a null security token
CVE-2012-0062 JON: Unapproved agents can hijack an approved agent's endpoint by using a null security token
The JON server allows agent registration to succeed under certain conditions if the registration request does not include a security token. This is a feature designed to add convenience. A remote attacker could exploit this by spoofing the identify of an approved agent and passing a null security token, allowing them to hijack the approved agent's session and steal its security token.
Discussion:
This issue has been addressed in following products:
JBoss Operations Network 2.4.2
Via RHSA-2012:0089 https://rhn.redhat.com/errata/RHSA-2012-0089.html
---
This issue has been addressed in following products:
JBoss Operations Network 3.0.1
Via RHSA-2012:0406 https://rhn.redhat.com/
Bugzilla
CVE-2012-0052 JON: Unapproved agents can connect using the name of an existing approved agent
bugzilla·2012-01-16·CVSS 5.8
CVE-2012-0052 [MEDIUM] CVE-2012-0052 JON: Unapproved agents can connect using the name of an existing approved agent
CVE-2012-0052 JON: Unapproved agents can connect using the name of an existing approved agent
If a JON agent is registered in a JON server's inventory with a given name, then any other agent can connect to the JON server and assume the identity of this registered agent simply by assuming its agent name. The JON agent key is not verified, allowing malicious JON agents to connect to the server.
Discussion:
This issue has been addressed in following products:
JBoss Operations Network 2.4.2
Via RHSA-2012:0089 https://rhn.redhat.com/errata/RHSA-2012-0089.html
---
This issue has been addressed in following products:
JBoss Operations Network 3.0.1
Via RHSA-2012:0406 https://rhn.redhat.com/errata/RHSA-2012-0406.html
Bugzilla
CVE-2012-0032 JON CLI: world-writable root directory
bugzilla·2012-01-09·CVSS 3.7
CVE-2012-0032 [LOW] CVE-2012-0032 JON CLI: world-writable root directory
CVE-2012-0032 JON CLI: world-writable root directory
After installing the remote client from JON 3.0, the extracted root directory is world readable/writeable/executable (0777). Although the child directories are not world writeable, by the parent directory being left in a world writeable state, it is possible to modify directory and file attributes on the child contents to trick the user into executing malicious scripts or code. A local attacker could use this flaw to compromise a remote JON server, using the credentials stolen from a privileged JON user who is using the remote client CLI from a system the local attacker has access to.
Discussion:
This issue has been addressed in following products:
JBoss Operations Network 3.0.1
Via RHSA-2012:0406 https://rhn.redhat.com/errata/RHSA-
http://aluigi.altervista.org/adv/dpa_1-adv.txthttp://www.exploit-db.com/exploits/18688/http://www.securityfocus.com/archive/1/522408/30/0/threadedhttp://www.securitytracker.com/id?1026956http://aluigi.altervista.org/adv/dpa_1-adv.txthttp://www.exploit-db.com/exploits/18688/http://www.securityfocus.com/archive/1/522408/30/0/threadedhttp://www.securitytracker.com/id?1026956
2012-04-20
Published