CVE-2005-3653: Buffer Overflow
First published: Sat Dec 31 2005(Updated: )
Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ca Unicenter Ca Web Services Distributed Management | =11.0 | |
| CA ETrust Secure Content Manager | =8.0 | |
| Ca Unicenter Management | =11.0 | |
| Ca Unicenter Management | =3.5 | |
| Ca Unicenter Service Catalog Fulfillment Accounting | =11.0 | |
| Ca Unicenter Web Server Management | =11.0 | |
| Ca Brightstor Enterprise Backup | =10.5 | |
| Ca Brightstor Enterprise Backup | =10.0 | |
| Ca Etrust Directory | =8.1_web_components | |
| Ca Etrust Audit Aries | =1.5-sp2 | |
| Ca Unicenter Service Fulfillment | =11.0 | |
| Ca Unicenter Application Performance Monitor | =11.0 | |
| CA BrightStor ARCServe BackUp | =11 | |
| Ca Brightstor Enterprise Backup | =10.5 | |
| Ca Unicenter Service Level Management | =11.0 | |
| Ca Unicenter Application Server Managment | =11.0 | |
| Ca Brightstor Enterprise Backup | =10.5 | |
| Ca Unicenter Exchange Management Console | =11.0 | |
| Ca Etrust Audit Aries | =1.5-sp3 | |
| Ca Unicenter Management | =11.0 | |
| CA Unicenter Web Services Distributed Management | =11.0 | |
| Broadcom Brightstor Arcserve Backup | =11.5 | |
| Broadcom Brightstor Arcserve Backup | =11.1 | |
| Broadcom Brightstor Arcserve Backup | =9.01 | |
| Broadcom Brightstor Portal | =11.1 | |
| Broadcom Brightstor Process Automation Manager | =11.1 | |
| Broadcom Brightstor San Manager | =11.1 | |
| Broadcom Brightstor San Manager | =11.5 | |
| Broadcom Brightstor Storage Resource Manager | =11.1 | |
| Broadcom Brightstor Storage Resource Manager | =11.5 | |
| Broadcom Brightstor Storage Resource Manager | =6.3 | |
| Broadcom Brightstor Storage Resource Manager | =6.4 | |
| Broadcom Brightstor Arcserve Backup Laptops Desktops | =11.0 | |
| Broadcom Brightstor Arcserve Backup Laptops Desktops | =11.1 | |
| Broadcom Etrust Admin | =8.1 | |
| Broadcom Etrust Audit Aries | =8.0 | |
| Broadcom Etrust Audit Irecorder | =1.5-sp2 | |
| Broadcom Etrust Audit Irecorder | =1.5-sp3 | |
| Broadcom Etrust Audit Irecorder | =8.0 | |
| Broadcom Etrust Identity Minder | =8.0 | |
| Broadcom Etrust Integrated Threat Management | =8.0 | |
| Broadcom Itechnology Igateway | <=4.0.050615 | |
| Broadcom Unicenter Asset Portfolio Management | =11.0 | |
| Broadcom Unicenter Autosys Jm | =11.0 | |
| Broadcom Unicenter Service Delivery | =11.0 | |
| Broadcom Unicenter Service Desk | =11.0 | |
| Broadcom Unicenter Service Desk Knowledge Tools | =11.0 | |
| Broadcom Unicenter Service Fulfillment | =2.2 | |
| Broadcom Unicenter Service Metric Analysis | =11.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376
- http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778
- http://www.osvdb.org/22688
- http://www.securityfocus.com/bid/16354
- http://securitytracker.com/id?1015526
- http://secunia.com/advisories/18591
- http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp
- http://securityreason.com/securityalert/380
- http://www.vupen.com/english/advisories/2006/0311
- http://marc.info/?l=full-disclosure&m=113803349715927&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24269
- http://www.securityfocus.com/archive/1/423403/100/0/threaded
- http://www.securityfocus.com/archive/1/423288/100/0/threaded
- collector/nvd-historical
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/description
- agent/event
- agent/remedy
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/ca
- canonical/ca unicenter ca web services distributed management
- version/ca unicenter ca web services distributed management/11.0
- canonical/ca etrust secure content manager
- version/ca etrust secure content manager/8.0
- canonical/ca unicenter management
- version/ca unicenter management/11.0
- version/ca unicenter management/3.5
- canonical/ca unicenter service catalog fulfillment accounting
- version/ca unicenter service catalog fulfillment accounting/11.0
- canonical/ca unicenter web server management
- version/ca unicenter web server management/11.0
- canonical/ca brightstor enterprise backup
- version/ca brightstor enterprise backup/10.5
- version/ca brightstor enterprise backup/10.0
- canonical/ca etrust directory
- version/ca etrust directory/8.1_web_components
- canonical/ca etrust audit aries
- version/ca etrust audit aries/1.5-sp2
- canonical/ca unicenter service fulfillment
- version/ca unicenter service fulfillment/11.0
- canonical/ca unicenter application performance monitor
- version/ca unicenter application performance monitor/11.0
- canonical/ca brightstor arcserve backup
- version/ca brightstor arcserve backup/11
- canonical/ca unicenter service level management
- version/ca unicenter service level management/11.0
- canonical/ca unicenter application server managment
- version/ca unicenter application server managment/11.0
- canonical/ca unicenter exchange management console
- version/ca unicenter exchange management console/11.0
- version/ca etrust audit aries/1.5-sp3
- canonical/ca unicenter web services distributed management
- version/ca unicenter web services distributed management/11.0
- vendor/broadcom
- canonical/broadcom brightstor arcserve backup
- version/broadcom brightstor arcserve backup/11.5
- version/broadcom brightstor arcserve backup/11.1
- version/broadcom brightstor arcserve backup/9.01
- canonical/broadcom brightstor portal
- version/broadcom brightstor portal/11.1
- canonical/broadcom brightstor process automation manager
- version/broadcom brightstor process automation manager/11.1
- canonical/broadcom brightstor san manager
- version/broadcom brightstor san manager/11.1
- version/broadcom brightstor san manager/11.5
- canonical/broadcom brightstor storage resource manager
- version/broadcom brightstor storage resource manager/11.1
- version/broadcom brightstor storage resource manager/11.5
- version/broadcom brightstor storage resource manager/6.3
- version/broadcom brightstor storage resource manager/6.4
- canonical/broadcom brightstor arcserve backup laptops desktops
- version/broadcom brightstor arcserve backup laptops desktops/11.0
- version/broadcom brightstor arcserve backup laptops desktops/11.1
- canonical/broadcom etrust admin
- version/broadcom etrust admin/8.1
- canonical/broadcom etrust audit aries
- version/broadcom etrust audit aries/8.0
- canonical/broadcom etrust audit irecorder
- version/broadcom etrust audit irecorder/1.5-sp2
- version/broadcom etrust audit irecorder/1.5-sp3
- version/broadcom etrust audit irecorder/8.0
- canonical/broadcom etrust identity minder
- version/broadcom etrust identity minder/8.0
- canonical/broadcom etrust integrated threat management
- version/broadcom etrust integrated threat management/8.0
- canonical/broadcom itechnology igateway
- version/broadcom itechnology igateway/4.0.050615
- canonical/broadcom unicenter asset portfolio management
- version/broadcom unicenter asset portfolio management/11.0
- canonical/broadcom unicenter autosys jm
- version/broadcom unicenter autosys jm/11.0
- canonical/broadcom unicenter service delivery
- version/broadcom unicenter service delivery/11.0
- canonical/broadcom unicenter service desk
- version/broadcom unicenter service desk/11.0
- canonical/broadcom unicenter service desk knowledge tools
- version/broadcom unicenter service desk knowledge tools/11.0
- canonical/broadcom unicenter service fulfillment
- version/broadcom unicenter service fulfillment/2.2
- canonical/broadcom unicenter service metric analysis
- version/broadcom unicenter service metric analysis/11.0