Detections
Analytics
CA License Service Multiple Vulnerabilities
critical Nessus Network Monitor Plugin ID 2688
Synopsis
The remote host is vulnerable to a buffer overflow.Description
The remote host is running the Computer Associate License Application.The remote version of this software is vulnerable to several flaws that
may allow a remote attacker to execute arbitrary code on the remote host
with the SYSTEM privileges.
Solution
Upgrade or patch according to vendor recommendations.See Also
http://research.eeye.com/html/advisories/published/AD20050302.html
http://www.eeye.com/html/research/advisories/AD20050302.html
http://supportconnectw.ca.com/public/ca_common_docs/security_notice.asp
Plugin Details
Severity: Critical
ID: 2688
Family: Generic
Published: 3/10/2005
Updated: 3/6/2019
Nessus ID: 17307
Risk Information
VPR
Risk Factor: High
Score: 7.7
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 8.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 9.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:ca:license_software
Exploitable With
CANVAS (CANVAS)
Metasploit (Computer Associates License Server GETCONFIG Overflow)
Reference Information
CVE: CVE-2005-0581, CVE-2005-0582, CVE-2005-0583
BID: 12705