ID CVE-2005-0581
Summary Multiple buffer overflows in Computer Associates (CA) License Client and Server 0.1.0.15 allow remote attackers to execute arbitrary code via (1) certain long fields in the Checksum item in a GCR request, (2) a long IP address, hostname, or netmask values in a GCR request, (3) a long last parameter in a GETCONFIG packet, or (4) long values in a request with an invalid format.
References
Vulnerable Configurations
  • Computer Associates License Client and Server 0.1.0.15
    cpe:2.3:a:ca:license_software:0.1.0.15
CVSS
Base: 4.6 (as of 08-06-2005 - 13:03)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
exploit-db via4
  • description CA License Server (GETCONFIG) Remote Buffer Overflow Exploit (c). CVE-2005-0581,CVE-2005-0582. Remote exploit for windows platform
    id EDB-ID:859
    last seen 2016-01-31
    modified 2005-03-06
    published 2005-03-06
    reporter class101
    source https://www.exploit-db.com/download/859/
    title CA License Server GETCONFIG Remote Buffer Overflow Exploit c
  • description Computer Associates License Server GETCONFIG Overflow. CVE-2005-0581. Remote exploit for windows platform
    id EDB-ID:16745
    last seen 2016-02-02
    modified 2010-09-20
    published 2010-09-20
    reporter metasploit
    source https://www.exploit-db.com/download/16745/
    title Computer Associates License Server GETCONFIG Overflow
  • description CA BrightStor ARCserve License Service GCR NETWORK Buffer Overflow. CVE-2005-0581. Remote exploit for windows platform
    id EDB-ID:16414
    last seen 2016-02-01
    modified 2010-11-03
    published 2010-11-03
    reporter metasploit
    source https://www.exploit-db.com/download/16414/
    title CA BrightStor ARCserve License Service GCR NETWORK Buffer Overflow
  • description Computer Associates License Client GETCONFIG Overflow. CVE-2005-0581. Remote exploit for windows platform
    id EDB-ID:16744
    last seen 2016-02-02
    modified 2010-09-20
    published 2010-09-20
    reporter metasploit
    source https://www.exploit-db.com/download/16744/
    title Computer Associates License Client GETCONFIG Overflow
metasploit via4
  • description This module exploits a stack buffer overflow in Computer Associates BrightStor ARCserve Backup 11.0. By sending a specially crafted request to the lic98rmtd.exe service, an attacker could overflow the buffer and execute arbitrary code.
    id MSF:EXPLOIT/WINDOWS/BRIGHTSTOR/LICENSE_GCR
    last seen 2019-03-18
    modified 2017-07-24
    published 2009-01-25
    reliability Average
    reporter Rapid7
    source https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/brightstor/license_gcr.rb
    title CA BrightStor ARCserve License Service GCR NETWORK Buffer Overflow
  • description This module exploits a vulnerability in the CA License Client service. This exploit will only work if your IP address can be resolved from the target system point of view. This can be accomplished on a local network by running the 'nmbd' service that comes with Samba. If you are running this exploit from Windows and do not filter udp port 137, this should not be a problem (if the target is on the same network segment). Due to the bugginess of the software, you are only allowed one connection to the agent port before it starts ignoring you. If it wasn't for this issue, it would be possible to repeatedly exploit this bug.
    id MSF:EXPLOIT/WINDOWS/LICENSE/CALICCLNT_GETCONFIG
    last seen 2019-03-18
    modified 2017-11-08
    published 2010-02-13
    reliability Average
    reporter Rapid7
    source https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/license/calicclnt_getconfig.rb
    title Computer Associates License Client GETCONFIG Overflow
  • description This module exploits an vulnerability in the CA License Server network service. By sending an excessively long GETCONFIG packet the stack may be overwritten.
    id MSF:EXPLOIT/WINDOWS/LICENSE/CALICSERV_GETCONFIG
    last seen 2019-03-22
    modified 2017-11-08
    published 2010-02-13
    reliability Normal
    reporter Rapid7
    source https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/license/calicserv_getconfig.rb
    title Computer Associates License Server GETCONFIG Overflow
nessus via4
NASL family Windows
NASL id CA_LICENSE_SERVICE_STACK_OVERFLOW.NASL
description The remote host is running the Computer Associate License Application. The remote version of this software is vulnerable to several flaws that could allow a remote attacker to execute arbitrary code on the remote host with SYSTEM privileges.
last seen 2019-02-21
modified 2018-11-15
plugin id 17307
published 2005-03-10
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=17307
title CA License Service Multiple Vulnerabilities
packetstorm via4
refmap via4
bugtraq 20050302 License Patches Are Now Available To Address Buffer Overflows
confirm http://supportconnectw.ca.com/public/ca_common_docs/security_notice.asp
idefense
  • 20050302 Computer Associates License Client and Server Invalid Command Buffer Overflow
  • 20050302 Computer Associates License Client/Server GCR Checksum Buffer Overflow
  • 20050302 Computer Associates License Client/Server GCR Network Buffer Overflow
  • 20050302 Computer Associates License Client/Server GETCONFIG Buffer Overflow
saint via4
  • bid 12705
    description Computer Associates License Service GCR buffer overflow
    id misc_calicense
    osvdb 14389
    title ca_license_gcr
    type remote
  • bid 12705
    description Computer Associates License Service invalid command buffer overflow
    id misc_calicense
    osvdb 14389
    title ca_license_invalid_command
    type remote
  • bid 12705
    description Computer Associates License Service GETCONFIG buffer overflow
    id misc_calicense
    osvdb 14389
    title ca_license_getconfig
    type remote
Last major update 17-10-2016 - 23:12
Published 02-05-2005 - 00:00
Back to Top