Detections
Analytics

CA License Service Multiple Vulnerabilities

critical Nessus Plugin ID 17307

Language:

Synopsis

Arbitrary code can be executed on the remote host.

Description

The remote host is running the Computer Associate License Application.

The remote version of this software is vulnerable to several flaws that could allow a remote attacker to execute arbitrary code on the remote host with SYSTEM privileges.

Solution

http://www.nessus.org/u?c1c908e9

See Also

https://www.beyondtrust.com/resources/blog/research/

Plugin Details

Severity: Critical

ID: 17307

File Name: CA_License_Service_Stack_Overflow.nasl

Version: 1.34

Type: remote

Agent: windows

Family: Windows

Published: 3/10/2005

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/2/2005

Vulnerability Publication Date: 3/2/2005

Exploitable With

CANVAS (CANVAS)

Metasploit (Computer Associates License Server GETCONFIG Overflow)

Reference Information

CVE: CVE-2005-0581, CVE-2005-0582, CVE-2005-0583

BID: 12705