EMC Data Protection Advisor Server and Collector Bugs Let Remote Users Deny Service
Server and Collector 5.5, 5.5 SP1, 5.6, 5.6 SP1, 5.7, 5.7 SP1, 5.8, 5.8 SP1
Two vulnerabilities were reported in EMC Data Protection Advisor. A remote user can cause denial of service conditions.
A remote user can send specially crafted data to the Controller, Listener, or Collector processes to trigger a NULL pointer dereference and causes a process crash. A remote user can send specially crafted data to the Controller, Listener, or Collector processes to trigger an integer overflow and cause a busy-wait condition that will consume excessive CPU resources.
A remote user can consume excessive CPU resources or cause a process crash on the target system.
The vendor has issued a fix (Security Hotfix DPA-14718).