CERTA-2006-AVI-046
Vulnerability from certfr_avis
None
Description
Une vulnérabilité a été découverte dans plusieurs produits de la société Computer Associate. Cette vulnérabilité, de type débordement de mémoire et présente dans le module iGateway, peut être exploitée par un utilisateur mal intentionné afin de réaliser un déni de service et/ou exécuter du code arbitraire à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| N/A | N/A | BrightStor ARCserve Backup v9.01 ; | ||
| N/A | N/A | Unicenter Service Delivery R11 ; | ||
| N/A | N/A | BrightStor ARCserve Backup Laptop & Desktop r11.1 ; | ||
| N/A | N/A | eTrust Secure Content Manager (SCM) R8 ; | ||
| Centreon | Web | Unicenter Web Server Management R11 ; | ||
| N/A | N/A | BrightStor Storage Resource Manager r11.1 ; | ||
| N/A | N/A | Unicenter Application Performance Monitor R11 ; | ||
| N/A | N/A | eTrust Directory R8.1 ; | ||
| Liferay | N/A | Unicenter Service Catalog/Fulfillment/Accounting R11 ; | ||
| N/A | N/A | eTrust Audit 8.0 (iRecorders et ARIES) ; | ||
| Symfony | process | BrightStor Process Automation Manager r11.1 ; | ||
| Liferay | N/A | Unicenter AutoSys JM R11 ; | ||
| N/A | N/A | BrightStor ARCserve Backup Laptop & Desktop r11 ; | ||
| N/A | N/A | Unicenter MQ Management R11 ; | ||
| N/A | N/A | eTrust Integrated Threat Management (ITM) R8 ; | ||
| Microsoft | Windows | BrightStor ARCserve Backup for Windows r11 ; | ||
| N/A | N/A | BrightStor Storage Resource Manager 6.4 ; | ||
| Matrix | N/A | Unicenter Service Matrix Analysis R11 ; | ||
| N/A | N/A | Unicenter Management for WebLogic / Management for WebSphere R11 ; | ||
| N/A | N/A | eTrust Identity Minder 8.0 ; | ||
| Liferay | Portal | BrightStor Portal 11.1 ; | ||
| N/A | N/A | eTrust Admin 8.1 ; | ||
| N/A | N/A | Unicenter Exchange Management R11. | ||
| N/A | N/A | Unicenter Service Fulfillment R11 ; | ||
| N/A | N/A | BrightStor Enterprise Backup 10.5 ; | ||
| N/A | N/A | Unicenter Service Level Management (USLM) R11 ; | ||
| N/A | N/A | Unicenter Service Desk R11 ; | ||
| N/A | N/A | iGateway versions antérieures à la version 4.0.051230 ; | ||
| N/A | N/A | BrightStor Storage Resource Manager 6.3 ; | ||
| N/A | N/A | BrightStor SAN Manager r11.5 ; | ||
| Liferay | N/A | Unicenter Service Desk Knowledge Tools R11 ; | ||
| N/A | N/A | BrightStor ARCserve Backup r11.5 ; | ||
| N/A | N/A | Advantage Data Transformer (ADT) R2.2 ; | ||
| Centreon | Web | Unicenter CA Web Services Distributed Management R11 ; | ||
| Liferay | N/A | Unicenter Asset Portfolio Management R11 ; | ||
| Liferay | N/A | Unicenter Service Fulfillment 2.2 ; | ||
| N/A | N/A | eTrust Audit 1.5 SP2 (iRecorders et ARIES) ; | ||
| N/A | N/A | BrightStor Storage Resource Manager r11.5 ; | ||
| N/A | N/A | Unicenter Application Server Managment R11 ; | ||
| N/A | N/A | BrightStor ARCserve Backup r11.1 ; | ||
| N/A | N/A | BrightStor SAN Manager r11.1 ; | ||
| N/A | N/A | eTrust Audit 1.5 SP3 (iRecorders et ARIES) ; |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "BrightStor ARCserve Backup v9.01 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Unicenter Service Delivery R11 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "BrightStor ARCserve Backup Laptop \u0026 Desktop r11.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "eTrust Secure Content Manager (SCM) R8 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Unicenter Web Server Management R11 ;",
"product": {
"name": "Web",
"vendor": {
"name": "Centreon",
"scada": false
}
}
},
{
"description": "BrightStor Storage Resource Manager r11.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Unicenter Application Performance Monitor R11 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "eTrust Directory R8.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Unicenter Service Catalog/Fulfillment/Accounting R11 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Liferay",
"scada": false
}
}
},
{
"description": "eTrust Audit 8.0 (iRecorders et ARIES) ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "BrightStor Process Automation Manager r11.1 ;",
"product": {
"name": "process",
"vendor": {
"name": "Symfony",
"scada": false
}
}
},
{
"description": "Unicenter AutoSys JM R11 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Liferay",
"scada": false
}
}
},
{
"description": "BrightStor ARCserve Backup Laptop \u0026 Desktop r11 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Unicenter MQ Management R11 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "eTrust Integrated Threat Management (ITM) R8 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "BrightStor ARCserve Backup for Windows r11 ;",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
},
{
"description": "BrightStor Storage Resource Manager 6.4 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Unicenter Service Matrix Analysis R11 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Matrix",
"scada": false
}
}
},
{
"description": "Unicenter Management for WebLogic / Management for WebSphere R11 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "eTrust Identity Minder 8.0 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "BrightStor Portal 11.1 ;",
"product": {
"name": "Portal",
"vendor": {
"name": "Liferay",
"scada": false
}
}
},
{
"description": "eTrust Admin 8.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Unicenter Exchange Management R11.",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Unicenter Service Fulfillment R11 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "BrightStor Enterprise Backup 10.5 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Unicenter Service Level Management (USLM) R11 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Unicenter Service Desk R11 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "iGateway versions ant\u00e9rieures \u00e0 la version 4.0.051230 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "BrightStor Storage Resource Manager 6.3 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "BrightStor SAN Manager r11.5 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Unicenter Service Desk Knowledge Tools R11 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Liferay",
"scada": false
}
}
},
{
"description": "BrightStor ARCserve Backup r11.5 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Advantage Data Transformer (ADT) R2.2 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Unicenter CA Web Services Distributed Management R11 ;",
"product": {
"name": "Web",
"vendor": {
"name": "Centreon",
"scada": false
}
}
},
{
"description": "Unicenter Asset Portfolio Management R11 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Liferay",
"scada": false
}
}
},
{
"description": "Unicenter Service Fulfillment 2.2 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "Liferay",
"scada": false
}
}
},
{
"description": "eTrust Audit 1.5 SP2 (iRecorders et ARIES) ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "BrightStor Storage Resource Manager r11.5 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Unicenter Application Server Managment R11 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "BrightStor ARCserve Backup r11.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "BrightStor SAN Manager r11.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "eTrust Audit 1.5 SP3 (iRecorders et ARIES) ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans plusieurs produits de la soci\u00e9t\u00e9\nComputer Associate. Cette vuln\u00e9rabilit\u00e9, de type d\u00e9bordement de m\u00e9moire\net pr\u00e9sente dans le module iGateway, peut \u00eatre exploit\u00e9e par un\nutilisateur mal intentionn\u00e9 afin de r\u00e9aliser un d\u00e9ni de service et/ou\nex\u00e9cuter du code arbitraire \u00e0 distance.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2005-3653",
"url": "https://www.cve.org/CVERecord?id=CVE-2005-3653"
}
],
"initial_release_date": "2006-01-26T00:00:00",
"last_revision_date": "2006-01-26T00:00:00",
"links": [
{
"title": "Site de l\u0027\u00e9diteur :",
"url": "http://www.ca.com"
},
{
"title": "Mise \u00e0 jour :",
"url": "ftp://ftp.ca.com/pub/iTech/downloads"
}
],
"reference": "CERTA-2006-AVI-046",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2006-01-26T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": null,
"title": "Vuln\u00e9rabilit\u00e9 des produits Computer Associate",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de mise \u00e0 jour Computer Associate",
"url": null
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…