ID |
CVE-2005-0581
|
Summary |
Multiple buffer overflows in Computer Associates (CA) License Client and Server 0.1.0.15 allow remote attackers to execute arbitrary code via (1) certain long fields in the Checksum item in a GCR request, (2) a long IP address, hostname, or netmask values in a GCR request, (3) a long last parameter in a GETCONFIG packet, or (4) long values in a request with an invalid format. |
References |
|
Vulnerable Configurations |
|
CVSS |
Base: | 4.6 (as of 09-04-2021 - 17:46) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
LOCAL |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
PARTIAL |
PARTIAL |
PARTIAL |
|
cvss-vector
via4
|
AV:L/AC:L/Au:N/C:P/I:P/A:P
|
refmap
via4
|
bugtraq | 20050302 License Patches Are Now Available To Address Buffer Overflows | confirm | http://supportconnectw.ca.com/public/ca_common_docs/security_notice.asp | idefense | - 20050302 Computer Associates License Client and Server Invalid Command Buffer Overflow
- 20050302 Computer Associates License Client/Server GCR Checksum Buffer Overflow
- 20050302 Computer Associates License Client/Server GCR Network Buffer Overflow
- 20050302 Computer Associates License Client/Server GETCONFIG Buffer Overflow
|
|
saint
via4
|
bid | 12705 | description | Computer Associates License Service GETCONFIG buffer overflow | id | misc_calicense | osvdb | 14389 | title | ca_license_getconfig | type | remote |
bid | 12705 | description | Computer Associates License Service invalid command buffer overflow | id | misc_calicense | osvdb | 14389 | title | ca_license_invalid_command | type | remote |
bid | 12705 | description | Computer Associates License Service GCR buffer overflow | id | misc_calicense | osvdb | 14389 | title | ca_license_gcr | type | remote |
|
Last major update |
09-04-2021 - 17:46 |
Published |
02-05-2005 - 04:00 |
Last modified |
09-04-2021 - 17:46 |