URC 6.0/URC 6.0 French Version/URC 6.0 German Version - CA Technologies
{{search ? 'Close':'Search'}}

Important Security Notice
Unicenter Remote Control 6.0

The Computer Associates Technical Support team wishes to alert our customers about potential system security vulnerabilities that we have recently discovered regarding the following products.

Affected products:

Unicenter Remote Control 6.0 GA (Build 6.0.56.3)
Unicenter Remote Control 6.0 French Version
Unicenter Remote Control 6.0 German Version

   
Affected component: Unicenter Remote Control (URC) 6.0 Host
  1. System Security Vulnerability

    A security vulnerability exists in the URC 6.0 Host service. The vulnerability exists because the host indirectly allows any application to be run under the same account that the host itself runs under. Since this account is typically "local system", this gives an attacker very high privileges.

    To exploit this vulnerability, the attacker would require direct or remote access to the computer's desktop.

    In the worst case, the attacker could run the command prompt as local system providing privileges above those intended for the user.

  2. Denial of Service Attack

    A vulnerability exists in the URC 6.0 Host service which could lead to a denial of service attack on a computer running the host.

    To exploit this vulnerability, the attacker would have to bombard the host's port with bogus connection requests. The impact of this is to cause the machine to run at 100% CPU, preventing it from performing other tasks.

    Affected Operating Systems: Win 95, Win 98, Win ME, Win NT, Win 2000, Win XP, Win 2003

A resolution to these problems has been published and we advise customers to apply the patch as advised by the table below:

Unicenter Remote Control 6.0 GA (6.0.56.3) QO48417 / QO48929 *
Unicenter Remote Control 6.0 French Version QO49825
Unicenter Remote Control 6.0 German Version QO49826

* QO48929: To update the preconfigured Unicenter Remote Control deployment packages for deployment of Unicenter Remote Control 6.0 GA (6.0.56.3)

Please note the Language certification fix, QO48974, has the system vulnerability fixes already included.

Chat with CA

Just give us some brief information and we'll connect you to the right CA Expert.

Our hours of availability are 8AM - 5PM CST.

All Fields Required

connecting

We're matching your request.

Unfortunately, we can't connect you to an agent. If you are not automatically redirected please click here.

  • {{message.agentProfile.name}} will be helping you today.

    View Profile


  • Transfered to {{message.agentProfile.name}}

    {{message.agentProfile.name}} joined the conversation

    {{message.agentProfile.name}} left the conversation

  • Your chat with {{$storage.chatSession.messages[$index - 1].agentProfile.name}} has ended.
    Thank you for your interest in CA.


    How Did We Do?
    Let us know how we did so that we can maintain a quality experience.

    Take Our Survey >

    Rate Your Chat Experience.

    {{chat.statusMsg}}

agent is typing