[Forgot Password]
Login  Register Subscribe

24128

 
 

131573

 
 

110139

 
 

909

 
 

85964

 
 

136

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2005-3653Date: (C)2005-12-31   (M)2018-02-19


Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : CVSS Score : 10.0
Exploit Score: Exploit Score: 10.0
Impact Score: Impact Score: 10.0
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: Access Vector: NETWORK
Attack Complexity: Access Complexity: LOW
Privileges Required: Authentication: NONE
User Interaction: Confidentiality: COMPLETE
Scope: Integrity: COMPLETE
Confidentiality: Availability: COMPLETE
Integrity:  
Availability:  
  
Reference:
SECTRACK-1015526
BID-16354
SECUNIA-18591
http://www.securityfocus.com/archive/1/archive/1/423403/100/0/threaded
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376
http://www.securityfocus.com/archive/1/archive/1/423288/100/0/threaded
OSVDB-22688
SREASON-380
ADV-2006-0311
IAVM:2006-A-0008
ca-igateway-contentlength-bo(24269)
http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778

CPE    30
cpe:/a:ca:unicenter_service_metric_analysis:11.0
cpe:/a:ca:brightstor_storage_resource_manager:6.4
cpe:/a:ca:brightstor_storage_resource_manager:6.3
cpe:/a:ca:etrust_audit_irecorder:1.5:sp2
...
CWE    1
CWE-119
OVAL    2
oval:org.secpod.oval:def:8951
oval:org.secpod.oval:def:8953

© SecPod Technologies