Computer Associates License Service GCR buffer overflow

2006-07-28T00:00:00
ID SAINT:735D837C20C2F2A44E9924C8BC957104
Type saint
Reporter SAINT Corporation
Modified 2006-07-28T00:00:00

Description

Added: 07/28/2006
CVE: CVE-2005-0581
BID: 12705
OSVDB: 14389

Background

The License service comes with most Computer Associates products and exchanges license information over ports 10202/tcp and 10203/tcp.

Problem

A buffer overflow vulnerability in the processing of GCR messages allows remote attackers to execute arbitrary commands.

Resolution

Install the patch.

References

<http://supportconnectw.ca.com/public/ca_common_docs/security_notice.asp>
<http://www.idefense.com/intelligence/vulnerabilities/display.php?id=214>

Limitations

Exploit works on BrightStor ARCserve Backup 11.1.

Platforms

Windows 2000
Windows XP SP0 / Windows XP SP1
Windows XP SP2 / Windows XP
Windows Server 2003
Linux