Alias(es)Computer.Associates.License.GCR.String.BufferOverflow |
Release DateOct 19, 2006 |
Severitycritical |
ImpactGain Access |
DescriptionComputer Associates? License Server and License Server and Client has a stack-base buffer overflow. A attacker can execute arbitrary code on the system with the LocalSystem or root privileges via a GCR (GETCONFIG) request with too long IP address, hostname, or netmask string in the NETWORK parameter. |
Affected ProductsComputer Associates License ServerClient 1.53 to 1.61.8 |
Recommended ActionsApply the appropriate patch for your system.http://supportconnectw.ca.com/public/reglic/downloads/licensepatch.asp#alp |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2005-0581 |
Reference/shttp://www.securityfocus.com/bid/12705 (BugTraq) |
