CVE-2005-3653: Buffer Overflow
First published: Sat Dec 31 2005(Updated: )
Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| CA Unicenter Web Services Distributed Management | =11.0 | |
| Broadcom eTrust Secure Content Manager | =8.0 | |
| CA Unicenter Management | =11.0 | |
| CA Unicenter Management | =3.5 | |
| Broadcom CA Unicenter Service Catalog Fulfillment Accounting | =11.0 | |
| CA Unicenter Web Server Management | =11.0 | |
| Broadcom BrightStor Enterprise Backup | =10.5 | |
| Broadcom BrightStor Enterprise Backup | =10.0 | |
| CA eTrust Directory | =8.1_web_components | |
| Broadcom eTrust Audit Aries | =1.5-sp2 | |
| Broadcom Unicenter Service Fulfillment | =11.0 | |
| Broadcom Unicenter Application Performance Monitor | =11.0 | |
| Broadcom BrightStor ARCServe Backup | =11 | |
| Broadcom BrightStor Enterprise Backup | =10.5 | |
| Broadcom CA Service Level Management | =11.0 | |
| CA Unicenter Application Server Management | =11.0 | |
| Broadcom BrightStor Enterprise Backup | =10.5 | |
| CA Unicenter Exchange Management Console | =11.0 | |
| Broadcom eTrust Audit Aries | =1.5-sp3 | |
| CA Unicenter Management | =11.0 | |
| CA Unicenter Web Services Distributed Management | =11.0 | |
| Broadcom BrightStor ARCServe Backup | =11.5 | |
| Broadcom BrightStor ARCServe Backup | =11.1 | |
| Broadcom BrightStor ARCServe Backup | =9.01 | |
| Broadcom BrightStor Portal | =11.1 | |
| Broadcom BrightStor Process Automation Manager | =11.1 | |
| Broadcom BrightStor SAN Manager | =11.1 | |
| Broadcom BrightStor SAN Manager | =11.5 | |
| Broadcom BrightStor Storage Resource Manager | =11.1 | |
| Broadcom BrightStor Storage Resource Manager | =11.5 | |
| Broadcom BrightStor Storage Resource Manager | =6.3 | |
| Broadcom BrightStor Storage Resource Manager | =6.4 | |
| BrightStor ARCserve Backup | =11.0 | |
| BrightStor ARCserve Backup | =11.1 | |
| Broadcom eTrust Admin | =8.1 | |
| Broadcom eTrust Audit Aries | =8.0 | |
| Broadcom eTrust Audit iRecorder | =1.5-sp2 | |
| Broadcom eTrust Audit iRecorder | =1.5-sp3 | |
| Broadcom eTrust Audit iRecorder | =8.0 | |
| Broadcom CA IdentityMinder | =8.0 | |
| Broadcom CA Threat Manager | =8.0 | |
| Broadcom iGateway | <=4.0.050615 | |
| Broadcom Unicenter Asset Portfolio Management | =11.0 | |
| Broadcom Unicenter AutoSys Job Management | =11.0 | |
| broadcom unicenter service delivery | =11.0 | |
| Broadcom Unicenter ServicePlus Service Desk | =11.0 | |
| Broadcom Unicenter Service Desk Knowledge Tools | =11.0 | |
| Broadcom Unicenter Service Fulfillment | =2.2 | |
| Broadcom Unicenter Service Metric Analysis | =11.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376
- http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778
- http://www.osvdb.org/22688
- http://www.securityfocus.com/bid/16354
- http://securitytracker.com/id?1015526
- http://secunia.com/advisories/18591
- http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp
- http://securityreason.com/securityalert/380
- http://www.vupen.com/english/advisories/2006/0311
- http://marc.info/?l=full-disclosure&m=113803349715927&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24269
- http://www.securityfocus.com/archive/1/423403/100/0/threaded
- http://www.securityfocus.com/archive/1/423288/100/0/threaded
- agent/type
- agent/remedy
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/references
- agent/author
- agent/severity
- agent/description
- agent/event
- agent/source
- agent/weakness
- agent/tags
- agent/softwarecombine
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/ca
- canonical/ca unicenter web services distributed management
- version/ca unicenter web services distributed management/11.0
- canonical/broadcom etrust secure content manager
- version/broadcom etrust secure content manager/8.0
- canonical/ca unicenter management
- version/ca unicenter management/11.0
- version/ca unicenter management/3.5
- canonical/broadcom ca unicenter service catalog fulfillment accounting
- version/broadcom ca unicenter service catalog fulfillment accounting/11.0
- canonical/ca unicenter web server management
- version/ca unicenter web server management/11.0
- canonical/broadcom brightstor enterprise backup
- version/broadcom brightstor enterprise backup/10.5
- version/broadcom brightstor enterprise backup/10.0
- canonical/ca etrust directory
- version/ca etrust directory/8.1_web_components
- canonical/broadcom etrust audit aries
- version/broadcom etrust audit aries/1.5-sp2
- canonical/broadcom unicenter service fulfillment
- version/broadcom unicenter service fulfillment/11.0
- canonical/broadcom unicenter application performance monitor
- version/broadcom unicenter application performance monitor/11.0
- canonical/broadcom brightstor arcserve backup
- version/broadcom brightstor arcserve backup/11
- canonical/broadcom ca service level management
- version/broadcom ca service level management/11.0
- canonical/ca unicenter application server management
- version/ca unicenter application server management/11.0
- canonical/ca unicenter exchange management console
- version/ca unicenter exchange management console/11.0
- version/broadcom etrust audit aries/1.5-sp3
- vendor/broadcom
- version/broadcom brightstor arcserve backup/11.5
- version/broadcom brightstor arcserve backup/11.1
- version/broadcom brightstor arcserve backup/9.01
- canonical/broadcom brightstor portal
- version/broadcom brightstor portal/11.1
- canonical/broadcom brightstor process automation manager
- version/broadcom brightstor process automation manager/11.1
- canonical/broadcom brightstor san manager
- version/broadcom brightstor san manager/11.1
- version/broadcom brightstor san manager/11.5
- canonical/broadcom brightstor storage resource manager
- version/broadcom brightstor storage resource manager/11.1
- version/broadcom brightstor storage resource manager/11.5
- version/broadcom brightstor storage resource manager/6.3
- version/broadcom brightstor storage resource manager/6.4
- canonical/brightstor arcserve backup
- version/brightstor arcserve backup/11.0
- version/brightstor arcserve backup/11.1
- canonical/broadcom etrust admin
- version/broadcom etrust admin/8.1
- version/broadcom etrust audit aries/8.0
- canonical/broadcom etrust audit irecorder
- version/broadcom etrust audit irecorder/1.5-sp2
- version/broadcom etrust audit irecorder/1.5-sp3
- version/broadcom etrust audit irecorder/8.0
- canonical/broadcom ca identityminder
- version/broadcom ca identityminder/8.0
- canonical/broadcom ca threat manager
- version/broadcom ca threat manager/8.0
- canonical/broadcom igateway
- version/broadcom igateway/4.0.050615
- canonical/broadcom unicenter asset portfolio management
- version/broadcom unicenter asset portfolio management/11.0
- canonical/broadcom unicenter autosys job management
- version/broadcom unicenter autosys job management/11.0
- canonical/broadcom unicenter service delivery
- version/broadcom unicenter service delivery/11.0
- canonical/broadcom unicenter serviceplus service desk
- version/broadcom unicenter serviceplus service desk/11.0
- canonical/broadcom unicenter service desk knowledge tools
- version/broadcom unicenter service desk knowledge tools/11.0
- version/broadcom unicenter service fulfillment/2.2
- canonical/broadcom unicenter service metric analysis
- version/broadcom unicenter service metric analysis/11.0