Intrusion Prevention

CA.iTechnology.iGateway.Service.Content-Length.Buffer.Overflow

Description

This indicates an attack attempt against a buffer-overflow vulnerability in the iTechnology iGateway service of multiple Computer Associates' product. The vulnerability is caused by insufficient boundary checks of the value of the Content-Length header field in received HTTP requests.

Affected Products

Computer Associates iTechnology iGateway prior to 4.0.050615

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply patch, available from the web site:
ftp://ftp.ca.com/pub/iTech/downloads

CVE References

CVE-2005-3653