Computer Associates License Client PUTOLF buffer overflow

2006-07-21T00:00:00
ID SAINT:41C29ED1709960A648009455F011B215
Type saint
Reporter SAINT Corporation
Modified 2006-07-21T00:00:00

Description

Added: 07/21/2006
CVE: CVE-2005-0582
BID: 12705
OSVDB: 14389

Background

The CA License Client comes with most Computer Associates products. It uses ports 10202/tcp and 10203/tcp to exchange product license information.

Problem

A buffer overflow in the CA License Client allows remote command execution by sending a long, specially crafted file name in a PUTOLF request.

Resolution

Apply a patch.

References

<http://www.idefense.com/intelligence/vulnerabilities/display.php?id=211>

Limitations

Exploit works on the License server in BrightStor ARCserve Backup r11.1. The vulnerable product needs to be installed in its default location, C:\Program Files\CA\SharedComponents\CA_LIC\ in order for the exploit to succeed.

Platforms

Windows 2000
Windows XP SP0 / Windows XP SP1
Windows XP SP2 / Windows XP
Windows Server 2003
Windows NT
Linux / Red Hat
SuSE