CVE-2012-0406
The DPA_Utilities.cProcessAuthenticationData function in EMC Data Protection Advisor (DPA) 5.5 through 5.8 SP1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an AUTHENTICATECONNECTION command that (1) lacks a password field or (2) has an empty password.
| Software | From | Fixed in |
|---|---|---|
| emc / data_protection_advisor | 5.7 | 5.7.x |
| emc / data_protection_advisor | 5.5 | 5.5.x |
| emc / data_protection_advisor | 5.6 | 5.6.x |
| emc / data_protection_advisor | 5.6-sp1 | 5.6-sp1.x |
| emc / data_protection_advisor | 5.8 | 5.8.x |
| emc / data_protection_advisor | 5.8-sp1 | 5.8-sp1.x |
| emc / data_protection_advisor | 5.5-sp1 | 5.5-sp1.x |
| emc / data_protection_advisor | 5.7-sp1 | 5.7-sp1.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime