Sign-up

ID

VAR-200510-0155


CVE

CVE-2005-3190


TITLE

Computer Associates Multiple products HTTP Request remote overflow vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200510-074

DESCRIPTION

Buffer overflow in Computer Associates (CA) iGateway 3.0 and 4.0 before 4.0.050623, when running in debug mode, allows remote attackers to execute arbitrary code via HTTP GET requests. Multiple Computer Associates products are susceptible to a remote buffer overflow vulnerability. This issue is due to a failure of the affected products to properly bounds check user-supplied data prior to copying it to an insufficiently sized memory buffer. This issue exists in the iTechnology iGateway component that is included in multiple Computer Associates products. Versions 1.x, 2.x, and the current 4.x versions of the iGateway component are not affected by this issue. Version 3.0.040107 and earlier 3.x versions are affected. This issue is only exploitable if the non-default components are installed, the 'igateway.conf' configuration file has debugging enabled, and the service is then manually restarted. Computer Associates is the world's leading security vendor, products include a variety of antivirus software. TITLE: CA iGateway Debug Mode HTTP GET Request Buffer Overflow SECUNIA ADVISORY ID: SA17085 VERIFY ADVISORY: http://secunia.com/advisories/17085/ CRITICAL: Moderately critical IMPACT: System access WHERE: >From remote SOFTWARE: CA iGateway 4.x http://secunia.com/product/5821/ CA iGateway 3.x http://secunia.com/product/5820/ DESCRIPTION: Erika Mendoza has reported a vulnerability in CA iGateway, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error when parsing HTTP GET requests. Successful exploitation requires that debug mode is enabled. The vulnerability has been reported in version 3.0 and 4.0 released prior to 2005-06-23. Note: Exploit code for this vulnerability is publicly available. SOLUTION: The vendor recommends that iGateway should not be run in debug mode. PROVIDED AND/OR DISCOVERED BY: Erika Mendoza ORIGINAL ADVISORY: http://www3.ca.com/threatinfo/vulninfo/vuln.aspx?id=33485 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.35

sources: NVD: CVE-2005-3190 // BID: 15025 // VULHUB: VHN-14399 // PACKETSTORM: 40602

AFFECTED PRODUCTS

vendor:broadcommodel:igatewayscope:eqversion:3.0

Trust: 1.0

vendor:broadcommodel:igatewayscope:eqversion:4.0

Trust: 1.0

vendor:camodel:igatewayscope:eqversion:3.0

Trust: 0.6

vendor:camodel:igatewayscope:eqversion:4.0

Trust: 0.6

vendor:computermodel:associates unicenter web server managementscope:eqversion:11.0

Trust: 0.3

vendor:computermodel:associates unicenter service matrix analysisscope:eqversion:11.0

Trust: 0.3

vendor:computermodel:associates unicenter service level managementscope:eqversion:11.0

Trust: 0.3

vendor:computermodel:associates unicenter service fulfillmentscope:eqversion:11.0

Trust: 0.3

vendor:computermodel:associates unicenter service fulfillmentscope:eqversion:2.2

Trust: 0.3

vendor:computermodel:associates unicenter service desk knowledge toolsscope:eqversion:11.0

Trust: 0.3

vendor:computermodel:associates unicenter service deskscope:eqversion:11.0

Trust: 0.3

vendor:computermodel:associates unicenter service deliveryscope:eqversion:11.0

Trust: 0.3

vendor:computermodel:associates unicenter service catalog/fulfillment/accountingscope:eqversion:11.0

Trust: 0.3

vendor:computermodel:associates unicenter mq managementscope:eqversion:11.0

Trust: 0.3

vendor:computermodel:associates unicenter management for webspherescope:eqversion:11.0

Trust: 0.3

vendor:computermodel:associates unicenter management for weblogicscope:eqversion:11.0

Trust: 0.3

vendor:computermodel:associates unicenter exchange managementscope:eqversion:11.0

Trust: 0.3

vendor:computermodel:associates unicenter ca web services distributed managementscope:eqversion:11.0

Trust: 0.3

vendor:computermodel:associates unicenter autosys jmscope:eqversion:11.0

Trust: 0.3

vendor:computermodel:associates unicenter asset portfolio managementscope:eqversion:11.0

Trust: 0.3

vendor:computermodel:associates unicenter application server managmentscope:eqversion:11.0

Trust: 0.3

vendor:computermodel:associates unicenter application performance monitorscope:eqversion:11.0

Trust: 0.3

vendor:computermodel:associates harvest change managerscope:eqversion:7.1

Trust: 0.3

vendor:computermodel:associates etrust web service securityscope:eqversion:8.0

Trust: 0.3

vendor:computermodel:associates etrust secure content managerscope:eqversion:8.0

Trust: 0.3

vendor:computermodel:associates etrust integrated threat managementscope:eqversion:8.0

Trust: 0.3

vendor:computermodel:associates etrust identity minderscope:eqversion:8.0

Trust: 0.3

vendor:computermodel:associates etrust audit irecordersscope:eqversion:8.0

Trust: 0.3

vendor:computermodel:associates etrust audit irecorders sp3scope:eqversion:1.5

Trust: 0.3

vendor:computermodel:associates etrust audit irecorders sp2scope:eqversion:1.5

Trust: 0.3

vendor:computermodel:associates etrust audit ariesscope:eqversion:8.0

Trust: 0.3

vendor:computermodel:associates etrust audit aries sp3scope:eqversion:1.5

Trust: 0.3

vendor:computermodel:associates etrust audit aries sp2scope:eqversion:1.5

Trust: 0.3

vendor:computermodel:associates etrust adminscope:eqversion:8.1

Trust: 0.3

vendor:computermodel:associates etrust adminscope:eqversion:8.0

Trust: 0.3

vendor:computermodel:associates brightstor srmscope:eqversion:11.5

Trust: 0.3

vendor:computermodel:associates brightstor srmscope:eqversion:11.1

Trust: 0.3

vendor:computermodel:associates brightstor srmscope:eqversion:6.4

Trust: 0.3

vendor:computermodel:associates brightstor srmscope:eqversion:6.3

Trust: 0.3

vendor:computermodel:associates brightstor san managerscope:eqversion:11.5

Trust: 0.3

vendor:computermodel:associates brightstor san managerscope:eqversion:11.1

Trust: 0.3

vendor:computermodel:associates brightstor process automation managerscope:eqversion:11.1

Trust: 0.3

vendor:computermodel:associates brightstor portalscope:eqversion:11.1

Trust: 0.3

vendor:computermodel:associates brightstor enterprise backupscope:eqversion:10.5

Trust: 0.3

vendor:computermodel:associates brightstor arcserve backup for windowsscope:eqversion:11.0

Trust: 0.3

vendor:computermodel:associates brightstor arcserve backupscope:eqversion:11.5

Trust: 0.3

vendor:computermodel:associates brightstor arcserve backupscope:eqversion:11.1

Trust: 0.3

vendor:computermodel:associates brightstor arcserve backupscope:eqversion:9.1

Trust: 0.3

vendor:computermodel:associates arcserve backup for laptops and desktopsscope:eqversion:11.1

Trust: 0.3

vendor:computermodel:associates arcserve backup for laptops and desktopsscope:eqversion:11.0

Trust: 0.3

vendor:computermodel:associates advantage data transformerscope:eqversion:2.2

Trust: 0.3

sources: BID: 15025 // CNNVD: CNNVD-200510-074 // NVD: CVE-2005-3190

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2005-3190
value: HIGH

Trust: 1.0

CNNVD: CNNVD-200510-074
value: HIGH

Trust: 0.6

VULHUB: VHN-14399
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2005-3190
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

VULHUB: VHN-14399
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: VULHUB: VHN-14399 // CNNVD: CNNVD-200510-074 // NVD: CVE-2005-3190

PROBLEMTYPE DATA

problemtype:NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-3190

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200510-074

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-200510-074

EXPLOIT AVAILABILITY

sources:
            
            
            VULHUB: VHN-14399

EXTERNAL IDS
db:BIDid:15025
Trust: 2.0
db:SECUNIAid:17085
Trust: 1.8
db:SREASONid:86
Trust: 1.7
db:SECTRACKid:1015045
Trust: 1.7
db:OSVDBid:19920
Trust: 1.7
db:NVDid:CVE-2005-3190
Trust: 1.7
db:CNNVDid:CNNVD-200510-074
Trust: 0.7
db:SEEBUGid:SSVID-71303
Trust: 0.1
db:EXPLOIT-DBid:1243
Trust: 0.1
db:EXPLOIT-DBid:16801
Trust: 0.1
db:VULHUBid:VHN-14399
Trust: 0.1
db:PACKETSTORMid:40602
Trust: 0.1
sources:
            
            
            VULHUB: VHN-14399 // 
            
            
            
            BID: 15025 // 
            
            
            
            PACKETSTORM: 40602 // 
            
            
            
            CNNVD: CNNVD-200510-074 // 
            
            
            
            NVD: CVE-2005-3190

REFERENCES
url:http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33485
Trust: 2.0
url:http://www.securityfocus.com/bid/15025
Trust: 1.7
url:http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0349.html
Trust: 1.7
url:http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0418.html
Trust: 1.7
url:http://www.osvdb.org/19920
Trust: 1.7
url:http://securitytracker.com/id?1015045
Trust: 1.7
url:http://secunia.com/advisories/17085
Trust: 1.7
url:http://securityreason.com/securityalert/86
Trust: 1.7
url:https://exchange.xforce.ibmcloud.com/vulnerabilities/22560
Trust: 1.7
url:http://www.ca.com/
Trust: 0.3
url:/archive/1/413408
Trust: 0.3
url:http://secunia.com/advisories/17085/
Trust: 0.1
url:http://secunia.com/secunia_security_advisories/
Trust: 0.1
url:http://www3.ca.com/threatinfo/vulninfo/vuln.aspx?id=33485
Trust: 0.1
url:http://secunia.com/product/5821/
Trust: 0.1
url:http://secunia.com/product/5820/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            VULHUB: VHN-14399 // 
            
            
            
            BID: 15025 // 
            
            
            
            PACKETSTORM: 40602 // 
            
            
            
            CNNVD: CNNVD-200510-074 // 
            
            
            
            NVD: CVE-2005-3190

CREDITS
EMendoza  erikam@gmail.com
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-200510-074

SOURCES
db:VULHUBid:VHN-14399
db:BIDid:15025
db:PACKETSTORMid:40602
db:CNNVDid:CNNVD-200510-074
db:NVDid:CVE-2005-3190

LAST UPDATE DATE
2024-08-14T13:40:03.190000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-14399date:2017-07-11T00:00:00
db:BIDid:15025date:2005-10-06T00:00:00
db:CNNVDid:CNNVD-200510-074date:2021-04-12T00:00:00
db:NVDid:CVE-2005-3190date:2021-04-09T16:56:08.623

SOURCES RELEASE DATE
db:VULHUBid:VHN-14399date:2005-10-13T00:00:00
db:BIDid:15025date:2005-10-06T00:00:00
db:PACKETSTORMid:40602date:2005-10-11T23:51:24
db:CNNVDid:CNNVD-200510-074date:2005-10-13T00:00:00
db:NVDid:CVE-2005-3190date:2005-10-13T22:02:00