JVN#90872372
WebSAM DeploymentManager vulnerable to denial of service
Overview
WebSAM DeploymentManager contains a denial of service (DoS) vulnerability.
Products Affected
Servers or workstations on which "Client Service for DPM" from the following product is installed are vulnerable.
- WebSAM DeploymentManager Ver5.13 and earlier
The above-mentioned WebSAM DeploymentManager is provided as part of the following products, which are also affected by this vulnerability.
- SigmaSystemCenter 2.1 Update2 and earlier
- BladeSystemCenter all versions
- ExpressSystemCenter all versions
- VirtualPCCenter 2.2 and earlier
Description
WebSAM DeploymentManager is a product that manages the distribution of security patches. WebSAM DeploymentManager contains a denial of service (DoS) vulnerability.
Impact
On a server or workstation with "Client Service for DPM" installed, a remote attacker may shut down or restart the operating system.
Solution
Update the Software
Update to the latest version according to the information provided by the developer.
Filter traffic using a firewall
Deny access to port 56010 for packets that do not have a source IP of the WebSAM DeploymentManager server.
For more information, refer to the developer's website.
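One way to check that the filter is in place, as an added example that is not part of the advisory or the developer's tooling: it audits a firewall log for traffic to port 56010 from any source other than the WebSAM DeploymentManager server. It assumes a log in the Windows Firewall `#Fields:` layout; the server address 192.0.2.10 and the sample log lines are constructed placeholders, and both TCP and UDP are checked because the advisory does not name the protocol.

```python
import ipaddress

DPM_CLIENT_PORT = 56010  # port named in the advisory
# Assumption: placeholder address of the DeploymentManager server (TEST-NET-1).
DPM_SERVERS = {ipaddress.ip_address("192.0.2.10")}

# Constructed sample in the Windows Firewall log (pfirewall.log) layout.
SAMPLE_LOG = """\
#Version: 1.5
#Fields: date time action protocol src-ip dst-ip src-port dst-port size
2010-05-17 09:00:01 ALLOW TCP 192.0.2.10 192.0.2.50 49152 56010 60
2010-05-17 09:00:07 ALLOW TCP 192.0.2.77 192.0.2.50 49153 56010 60
2010-05-17 09:00:09 DROP UDP 192.0.2.78 192.0.2.50 49154 56010 40
2010-05-17 09:00:12 ALLOW TCP 192.0.2.77 192.0.2.50 49155 445 60
"""

def audit_dpm_port(log_text, servers=DPM_SERVERS, port=DPM_CLIENT_PORT):
    """Return (allowed_violations, blocked_attempts) for traffic to `port`
    whose source is not a listed DeploymentManager server."""
    fields, violations, blocked = [], [], []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]  # column names come from the log header
            continue
        if not line.strip() or line.startswith("#") or not fields:
            continue
        rec = dict(zip(fields, line.split()))
        try:
            if int(rec["dst-port"]) != port:
                continue
            src = ipaddress.ip_address(rec["src-ip"])
        except (KeyError, ValueError):
            continue  # malformed row, or a row with "-" in the port column
        if src in servers:
            continue  # expected management traffic
        entry = (rec.get("date"), rec.get("time"), rec.get("protocol"), str(src))
        # ALLOW from a non-server source means the filter is missing or too wide.
        (violations if rec.get("action") == "ALLOW" else blocked).append(entry)
    return violations, blocked

if __name__ == "__main__":
    allowed, dropped = audit_dpm_port(SAMPLE_LOG)
    for e in allowed:
        print("FILTER GAP", *e)
    for e in dropped:
        print("blocked   ", *e)
```

Any entry in the first list is a connection the firewall let through to port 56010 from a host other than the DeploymentManager server; entries in the second list show the filter working.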
JPCERT/CC Addendum
Vulnerability Analysis by JPCERT/CC
Analyzed on 2010.05.17
| Measures | Conditions | Severity |
|---|---|---|
| Access Required | Non-routed - must be attacked from a local segment, such as Ethernet, Bluetooth, and 802.11 attacks | |
| Authentication | None - anonymous or no authentication (IP addresses do not count) | |
| User Interaction Required | None - the vulnerability can be exploited without an honest user taking any action | |
| Exploit Complexity | Low-Medium - some expertise and/or luck required (most buffer overflows, guessing correctly in small space, expertise in Windows function calls) | |
Credit
Other Information
| JPCERT Alert | |
| JPCERT Reports | |
| CERT Advisory | |
| CPNI Advisory | |
| TRnotes | |
| CVE | CVE-2010-1941 |
| JVN iPedia | JVNDB-2010-000019 |