DM Deployment Common Component Security Notice - CA Technologies
{{search ? 'Close':'Search'}}

DM Deployment Common Component
Security Notice

Issued: January 17, 2006
Last Updated: January 13, 2006

Attention CA Customers:
DM Deployment Common Component Vulnerabilities.

The CA Customer Support team would like to thank Cengiz Aykanat and Karma[at]DesignFolks[dot]com[dot]au for their help in identifying these vulnerabilities.

The following security vulnerability issues have been identified in the DM Primer part of the DM Deployment Common Component being distributed with some CA products:

  • A Denial of Service (DoS) vulnerability has been identified in the handling of unrecognized network messages which may result in high CPU utilization and excessive growth of the DM Primer log file.
  • A Denial of Service (DoS) vulnerability has been identified with the way in which the DM Primer handles receipt of large rogue network messages which can result in the DM Primer becoming unresponsive.

Affected products:

CA ARCserve Backup for Laptops and Desktops r4.0
CA ARCserve Backup for Laptops and Desktops r11.0, r11.1, r11.1 SP1
Unicenter Remote Control 6.0, 6.0 SP1
CA Desktop Protection Suite r2
CA Server Protection Suite r2
CA Business Protection Suite r2
CA Business Protection Suite for Microsoft Small Business Server Standard Edition r2
CA Business Protection Suite for Microsoft Small Business Server Premium Edition r2
CA Business Protection Suite for Midsize Business for Windows r2

Scope

These vulnerabilities will only be present if you have utilised the DM Deployment mechanism, bundled with the affected products, to deploy those products within your enterprise.

Solution

Since this version of DM Primer is only utilised for the initial installation of the products, the above vulnerabilities can be addressed simply by removing the DM Primer Service after deployment. To remove the DM Primer product follow the instructions below:

dmprimer remove -f: 

will force the removal of a local DM Primer service,

dmsweep -a1:remotecomp -dp:force 

will force the removal of the DM Primer service from a remote computer called remotecomp.

The dmsweep command will be available on the DM Deployment machine (usually the host for the product manager with which it was bundled). It can take a machine name, an ip address, or a range of ip addresses. Some examples are

dmsweep -a1:192.168.0.* -dp:force 

will forcibly remove DM Primer from all machines on the 192.168.0.* subnet

dmsweep -a1:192.168.0.1 -a2:192.168.0.100 -dp:force

will forcibly remove DM Primer from all machines in the range 192.168.0.1-192.168.0.100

dmsweep -a1:192.168.0.1 -a2:192.168.0.100 -dp:force

will forcibly remove DM Primer from all machines in the range 192.168.0.1-192.168.0.100

Versions affected:

This vulnerability only affects DM Primer v1.4.154 and v1.4.155 on the specified platforms.

Versions NOT affected:

This vulnerability is not present in DM Primer v11.0 or later.

Affected platforms:

Windows

Platforms NOT affected:

This version of DM Primer is not supported on any other platforms.

Frequently Asked Questions (FAQ) related to this security update

UAM/AMO Definitions for the DM Primer vulnerability:

The current Unicenter Asset Management r4 Application Definitions revision includes definitions specially designed to assist administrators in detecting the presence of DM Deployment common component vulnerabilities, as well as other CA product vulnerabilities.

Administrators need only download the current revision using the automated download facility. The download facility is located as a link in the Unicenter Asset Management r4 Admin Console at /Asset Management/<DOMAIN_NAME>/Control Panel/Software, as shown in the figure below.

Figure1

Once downloaded, the specially designed application definitions identifying a vulnerability will include, on the Description Tab, a message similar to the one shown below:

Figure2

Upon detection of components featuring a warning message, administrators can copy the link from the description into a browser to obtain current instructions on addressing the vulnerabilities detected.

Please note: Administrators that have not already upgraded beyond Application Definitions Revision are required to perform Software Normalization Procedures in order to upgrade to the current revision. For more information on Application Definitions downloads and Normalization Procedures, refer to the required Software Normalization procedures posted at https://support.ca.com/irj/portal/anonymous/redirArticles?reqPage=search&searchID=TEC346514.

Should you require additional information, please contact CA Customer Support:
North America (for individual product hotlines)
Internationally (for individual country offices)

Chat with CA

Just give us some brief information and we'll connect you to the right CA Expert.

Our hours of availability are 8AM - 5PM CST.

All Fields Required

connecting

We're matching your request.

Unfortunately, we can't connect you to an agent. If you are not automatically redirected please click here.

  • {{message.agentProfile.name}} will be helping you today.

    View Profile


  • Transfered to {{message.agentProfile.name}}

    {{message.agentProfile.name}} joined the conversation

    {{message.agentProfile.name}} left the conversation

  • Your chat with {{$storage.chatSession.messages[$index - 1].agentProfile.name}} has ended.
    Thank you for your interest in CA.


    How Did We Do?
    Let us know how we did so that we can maintain a quality experience.

    Take Our Survey >

    Rate Your Chat Experience.

    {{chat.statusMsg}}

agent is typing