{"vuid":"VU#408099","idnumber":"408099","name":"CA ARCserve Backup authentication service denial-of-service vulnerability","keywords":["CA","ARCserve","Authentication Service","Invalid Pointer Dereference","dos"],"overview":"The CA ARCserve Backup authentication service, caauthd.exe, is susceptible to a denial-of-service vulnerability. CA ARCserve Backup r16 SP1 was reported to be vulnerable.","clean_desc":"The Offensive Security advisory states: By specifying an invalid field size for the encrypted username or password in a crafted RPC packet, the authentication service performs an invalid pointer dereference while trying to decrypt the character string. Authentication is not required to trigger the vulnerability and successful exploitation of this vulnerability for the caauthd.exe process will lead to a denial of service. Additional details may be found in CA20121018-01: Security Notice for CA ARCserve Backup.","impact":"An unauthenticated remote attacker may be able to trigger a denial-of-service condition.","resolution":"Apply a Patch CA ARCserve Backup for Windows r12.5 apply patch RO49917\nCA ARCserve Backup for Windows r15 apply patch RO49916\nCA ARCserve Backup for Windows r16 apply patch RO49750 If you cannot patch for whatever reason please consider the following workarounds.","workarounds":"Restrict access As a general good security practice, only allow connections from trusted hosts and networks.","sysaffected":"","thanks":"Thanks to Matteo Memelli of Offensive Security for reporting this vulnerability.","author":"This document was written by Jared Allar.","public":["h","t","t","p","s",":","/","/","s","u","p","p","o","r","t",".","c","a",".","c","o","m","/","i","r","j","/","p","o","r","t","a","l","/","a","n","o","n","y","m","o","u","s","/","p","h","p","s","u","p","c","o","n","t","e","n","t","?","c","o","n","t","e","n","t","I","D","=","{","F","9","E","E","A","3","1","E","-","8","0","8","9","-","4","2","3","E","-","B","7","4","6","-","4","1","B","5","C","9","D","D","2","A","C","1","}"],"cveids":["CVE-2012-2972"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2012-06-28T18:40:12Z","publicdate":"2012-08-31T00:00:00Z","datefirstpublished":"2012-10-30T19:59:15Z","dateupdated":"2012-10-30T20:05:47Z","revision":23,"vrda_d1_directreport":"1","vrda_d1_population":"3","vrda_d1_impact":"3","cam_widelyknown":"0","cam_exploitation":"0","cam_internetinfrastructure":"0","cam_population":"0","cam_impact":"0","cam_easeofexploitation":"0","cam_attackeraccessrequired":"0","cam_scorecurrent":"0","cam_scorecurrentwidelyknown":"0","cam_scorecurrentwidelyknownexploited":"0","ipprotocol":"","cvss_accessvector":"N","cvss_accesscomplexity":"L","cvss_authentication":null,"cvss_confidentialityimpact":"N","cvss_integrityimpact":"N","cvss_availabilityimpact":"C","cvss_exploitablity":null,"cvss_remediationlevel":"OF","cvss_reportconfidence":"C","cvss_collateraldamagepotential":"ND","cvss_targetdistribution":"ND","cvss_securityrequirementscr":"ND","cvss_securityrequirementsir":"ND","cvss_securityrequirementsar":"ND","cvss_basescore":"7.8","cvss_basevector":"AV:N/AC:L/Au:N/C:N/I:N/A:C","cvss_temporalscore":"6.1","cvss_environmentalscore":"6.1","cvss_environmentalvector":"CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND","metric":0.0,"vulnote":null}