CVE-2005-0581

Sažetak

Multiple buffer overflows in Computer Associates (CA) License Client and Server 0.1.0.15 allow remote attackers to execute arbitrary code via (1) certain long fields in the Checksum item in a GCR request, (2) a long IP address, hostname, or netmask values in a GCR request, (3) a long last parameter in a GETCONFIG packet, or (4) long values in a request with an invalid format.

Reference

http://marc.info/?l=bugtraq&m=110979326828704&w=2
http://supportconnectw.ca.com/public/ca_common_docs/security_notice.asp
http://www.idefense.com/application/poi/display?id=210&type=vulnerabilities
http://www.idefense.com/application/poi/display?id=213&type=vulnerabilities
http://www.idefense.com/application/poi/display?id=214&type=vulnerabilities
http://www.idefense.com/application/poi/display?id=215&type=vulnerabilities

CVSS

Base:	4.6
Impact:	6.4
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

09-04-2021 - 17:46

Objavljeno

02-05-2005 - 04:00