ControlIT allows attacker to reboot remote computer or force logout
| controlit-reboot (1653) |  Medium Risk |
Description:
ControlIT allows remote users to either reboot the remote computer or force the current user of the remote computer to log out. A user must be authenticated to operate this mechanism. Another option, configurable by the local user, allows the remote user to initiate a reboot or logout of current user once the remote user disconnects the session. This option triggers regardless of authentication; anybody can connect and disconnect without authenticating to trigger the timer of this option if it is enabled by the local user.
Platforms Affected:
- CA, ControlIT
Remedy:
Users of ControlIT (or Remotely Possible) should apply the #TF73073 patch, available from the Computer Associates Technical Support Web site. See References.
Consequences:
Denial of Service
References:
- Computer Associates Technical Support Web site, Technical Support at http://support.ca.com/.
- Internet Security Systems Security Alert #18, Multiple vulnerabilities in ControlIT(tm) (formerly Remotely Possible/32) enterprise management software at http://www.iss.net/xforce/alerts/id/advise18.
- CVE-1999-0355: Local or remote users can force ControlIT 4.5 to reboot or force a user to log out, resulting in a denial of service.
Reported:
Jan 25, 1999
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net