The CA License Client comes with most Computer Associates products. It uses ports 10202/tcp and 10203/tcp to exchange product license information.
A buffer overflow in the CA License Client allows remote command execution by sending a long, specially crafted file name in a PUTOLF request.
Apply a patch.
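For hosts that cannot be patched immediately, the oversized PUTOLF request described above can be flagged on the wire. The following is an added example, not code from the vendor or from this page: the 256-byte limit, the sample payloads and the line-based framing after the `PUTOLF` keyword are assumptions, since the page does not give the request layout.

```python
from typing import Optional

LICENSE_PORTS = {10202, 10203}  # ports named in the advisory
KEYWORD = b"PUTOLF"             # request type named in the advisory
MAX_ARG_BYTES = 256             # assumption: set above the longest legitimate argument


def putolf_argument_length(payload: bytes) -> Optional[int]:
    """Length of the data after the first PUTOLF keyword, up to the end of
    that line (or of the payload). None when the keyword is absent."""
    idx = payload.find(KEYWORD)
    if idx < 0:
        return None
    rest = payload[idx + len(KEYWORD):]
    first_line = rest.split(b"\n", 1)[0]
    return len(first_line.strip())


def is_suspicious(dst_port: int, payload: bytes, limit: int = MAX_ARG_BYTES) -> bool:
    """True for a PUTOLF request to a license port whose argument exceeds limit."""
    if dst_port not in LICENSE_PORTS:
        return False
    length = putolf_argument_length(payload)
    return length is not None and length > limit


# Constructed sample traffic: (label, destination port, reassembled TCP payload).
SAMPLES = [
    ("normal", 10203, b"PUTOLF short.olf\r\n"),
    ("oversized", 10202, b"PUTOLF " + b"A" * 2000 + b"\r\n"),
    ("other-port", 80, b"PUTOLF " + b"A" * 2000 + b"\r\n"),
    ("no-keyword", 10202, b"HELLO\r\n"),
]


def scan(samples):
    """Return the labels of the samples that should raise an alert."""
    return [label for label, port, payload in samples if is_suspicious(port, payload)]


if __name__ == "__main__":
    for label in scan(SAMPLES):
        print("ALERT: oversized PUTOLF request in sample", label)
```
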
The exploit works on the license server in BrightStor ARCserve Backup r11.1. The vulnerable product must be installed in its default location,
C:\Program Files\CA\SharedComponents\CA_LIC\, for the exploit to succeed.
Windows XP SP0 / Windows XP SP1
Windows XP SP2 / Windows XP
Windows Server 2003
Linux / Red Hat