CVE-2005-0581

critical

Description

Multiple buffer overflows in Computer Associates (CA) License Client and Server 0.1.0.15 allow remote attackers to execute arbitrary code via (1) certain long fields in the Checksum item in a GCR request, (2) a long IP address, hostname, or netmask values in a GCR request, (3) a long last parameter in a GETCONFIG packet, or (4) long values in a request with an invalid format.

References

http://www.idefense.com/application/poi/display?id=215&type=vulnerabilities

http://www.idefense.com/application/poi/display?id=214&type=vulnerabilities

http://www.idefense.com/application/poi/display?id=213&type=vulnerabilities

http://www.idefense.com/application/poi/display?id=210&type=vulnerabilities

http://supportconnectw.ca.com/public/ca_common_docs/security_notice.asp

http://marc.info/?l=bugtraq&m=110979326828704&w=2

Details

Source: Mitre, NVD

Published: 2005-05-02

Updated: 2024-11-20

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical