[VulnWatch] ClearCase DoS vulnerabilty

From: marek.rouchalat_private
Date: Fri Nov 22 2002 - 01:30:11 PST

Next message: EnGarde Secure Linux: "[Full-Disclosure] [ESA-20021122-030] local kernel vulnerabilities"

Previous message: securityat_private: "Security Update: [CSSA-2002-049.0] Linux: lynx CRLF injection vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Dear all,

please find attached a security vulnarability advisory
for immediate publishing.

Best regards,

Marek Rouchal, Infineon Technologies AG, Munich, Germany
Stefan Bagdohn, Guardeonic Solutions, Munich, Germany


Summary:

Advisory Name:        ClearCase remote DoS
Release Date:         11/22/02
Affected Product:     Rational (R) ClearCase (R)
Platform:             Solaris 2.5.1 and 8 for sure, other unknown
Version:              4.1 (patches 27, 28) and 2002.05 (patches 9,10)
                      sure, other unknown

Severity:             The ClearCase process listening on TCP port 371
                      can be crashed by performing a simple nmap scan

text/plain attachment: guardadv-03-2002-clearcaseDoS.txt

Next message: EnGarde Secure Linux: "[Full-Disclosure] [ESA-20021122-030] local kernel vulnerabilities"
Previous message: securityat_private: "Security Update: [CSSA-2002-049.0] Linux: lynx CRLF injection vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Nov 22 2002 - 07:09:26 PST