CA XOsoft Control Service entry_point.aspx Remote Code Execution

Added: 06/07/2010
CVE: CVE-2010-1223
BID: 39238
OSVDB: 63611

Background

CA XOsoft is storage and recovery management software that includes applications for combined business continuity and disaster recovery. The CA XOsoft product family includes CA XOsoft Replication, CA XOsoft High Availability, and CA XOsoft Content Distribution.

Problem

Control Service r12 and Control Service r12.5 included in the CA XOsoft Replication, High Availability, and Content Distribution products with versions r12 and r12.5 are vulnerable to a stack buffer overflow as a result of overly long data passed to /entry_point.aspx. A successful attacker could execute arbitrary code with the permissions of the CA Control Service process.

Resolution

Apply the patches referenced in CA Security Notice for CA XOsoft CA20100406-01.

References

http://secunia.com/advisories/39337/

Limitations

Exploit works on CA XOsoft Control Service r12.5.

Platforms

Windows

Back to exploit index