Vulnerability-Lookup - Search a vulnerability

All the vulnerabilites related to broadcom - brightstor_process_automation_manager

Vulnerability from fkie_nvd

Published

2005-12-31 05:00

Modified

2024-11-21 00:02

Severity ?

Summary

Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field.

References

URL	Tags
cve@mitre.org	http://marc.info/?l=full-disclosure&m=113803349715927&w=2
cve@mitre.org	http://secunia.com/advisories/18591	Patch, Vendor Advisory
cve@mitre.org	http://securityreason.com/securityalert/380
cve@mitre.org	http://securitytracker.com/id?1015526	Patch
cve@mitre.org	http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp	Patch, Vendor Advisory
cve@mitre.org	http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376	Patch, Vendor Advisory
cve@mitre.org	http://www.osvdb.org/22688	Patch
cve@mitre.org	http://www.securityfocus.com/archive/1/423288/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/423403/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/16354	Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2006/0311	Vendor Advisory
cve@mitre.org	http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/24269
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=full-disclosure&m=113803349715927&w=2
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18591	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/380
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1015526	Patch
af854a3a-2127-422b-91ae-364da2661108	http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/22688	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/423288/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/423403/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/16354	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/0311	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/24269

Impacted products

Vendor	Product	Version
broadcom	brightstor_arcserve_backup	9.01
broadcom	brightstor_arcserve_backup	11.1
broadcom	brightstor_arcserve_backup	11.5
broadcom	brightstor_arcserve_backup_laptops_desktops	11.0
broadcom	brightstor_arcserve_backup_laptops_desktops	11.1
broadcom	brightstor_portal	11.1
broadcom	brightstor_process_automation_manager	11.1
broadcom	brightstor_san_manager	11.1
broadcom	brightstor_san_manager	11.5
broadcom	brightstor_storage_resource_manager	6.3
broadcom	brightstor_storage_resource_manager	6.4
broadcom	brightstor_storage_resource_manager	11.1
broadcom	brightstor_storage_resource_manager	11.5
broadcom	etrust_admin	8.1
broadcom	etrust_audit_aries	8.0
broadcom	etrust_audit_irecorder	1.5
broadcom	etrust_audit_irecorder	1.5
broadcom	etrust_audit_irecorder	8.0
broadcom	etrust_identity_minder	8.0
broadcom	etrust_integrated_threat_management	8.0
broadcom	itechnology_igateway	*
broadcom	unicenter_asset_portfolio_management	11.0
broadcom	unicenter_autosys_jm	11.0
broadcom	unicenter_service_delivery	11.0
broadcom	unicenter_service_desk	11.0
broadcom	unicenter_service_desk_knowledge_tools	11.0
broadcom	unicenter_service_fulfillment	2.2
broadcom	unicenter_service_metric_analysis	11.0
ca	brightstor_arcserve_backup	11
ca	brightstor_enterprise_backup	10.0
ca	brightstor_enterprise_backup	10.5
ca	brightstor_enterprise_backup	10.5
ca	brightstor_enterprise_backup	10.5
ca	etrust_audit_aries	1.5
ca	etrust_audit_aries	1.5
ca	etrust_directory	8.1_web_components
ca	etrust_secure_content_manager	8.0
ca	unicenter_application_performance_monitor	11.0
ca	unicenter_application_server_managment	11.0
ca	unicenter_ca_web_services_distributed_management	11.0
ca	unicenter_exchange_management_console	11.0
ca	unicenter_management	3.5
ca	unicenter_management	11.0
ca	unicenter_management	11.0
ca	unicenter_service_catalog_fulfillment_accounting	11.0
ca	unicenter_service_fulfillment	11.0
ca	unicenter_service_level_management	11.0
ca	unicenter_web_server_management	11.0
ca	unicenter_web_services_distributed_management	11.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "F52790F8-0D23-47F4-B7F7-6CB0F7B6EA14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "477EE032-D183-478F-A2BF-6165277A7414",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FB993B2-9A44-40E2-AA05-0CAD04BDC26D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7461AE5-2067-4964-93B7-560CD02CEAC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:brightstor_portal:11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F206D15-FF0D-400E-9727-5DA6C07B57EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:brightstor_process_automation_manager:11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD04989D-D045-4693-87DA-16754D9BF644",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:brightstor_san_manager:11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA67A49C-688A-4B6E-8B90-BEC937FCEE20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:brightstor_san_manager:11.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFD847AD-8AD1-40C1-9582-CC234D900CEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:brightstor_storage_resource_manager:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "70D35A8A-BB31-4FC6-8031-D93FE7347A10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:brightstor_storage_resource_manager:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7384B78-1F35-4DB4-A128-EBE33FD70C8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:brightstor_storage_resource_manager:11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3F5A1F3-EEE3-4187-9F44-545EB21EF121",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:brightstor_storage_resource_manager:11.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "152FDE32-0525-4F1E-9BD5-A3EB47644B03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_admin:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "08594EFB-E04B-42E8-BE00-C3ACDB62BA4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_audit_aries:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBBF77AF-542C-49E8-8F5A-1C0DB73F2DE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_audit_irecorder:1.5:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "6829D317-1AB6-471B-9CE4-563C4FFB290D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_audit_irecorder:1.5:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "571D4793-63EE-4A9D-991B-0F92842BDF58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_audit_irecorder:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F182A43-4999-441D-9B37-093E033BAADC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_identity_minder:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DF2F1AC-CF62-47CE-96B3-08CE412A7D0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:etrust_integrated_threat_management:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "045F1ADA-E9D1-4C8B-9275-040939E73A6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:itechnology_igateway:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA60254A-F0BE-4E53-9D04-C3F4D80E662D",
              "versionEndIncluding": "4.0.050615",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:unicenter_asset_portfolio_management:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3358719-780A-41E1-A09A-7C27C921D6DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:unicenter_autosys_jm:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "388A5565-442B-441C-B727-586B23FE8540",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:unicenter_service_delivery:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "137A1E55-CDF0-49FF-9A63-5FB44BA9FC40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:unicenter_service_desk:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2247ED3-2CF1-49A5-9456-F51164A1D220",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:unicenter_service_desk_knowledge_tools:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3046725F-B0C5-4625-AE5D-8B6C7DC9A085",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:unicenter_service_fulfillment:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF7FADA4-429F-4658-A47C-DCB13D6ED903",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:unicenter_service_metric_analysis:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "607CA384-B71B-460F-ACCF-ACCBC9C17FA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:*",
              "matchCriteriaId": "6E236148-4A57-4FDC-A072-A77D3DD2DB53",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:brightstor_enterprise_backup:10.0:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "15862D0F-90C0-46A3-8457-B1FD8877CC74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "196FFF4A-1976-477B-927F-82A3CBECA530",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:tru64:*:*:*:*:*",
              "matchCriteriaId": "5DC10E01-4694-4699-9C8D-328627F515D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:windows_64-bit:*:*:*:*:*",
              "matchCriteriaId": "2C3C45FE-C057-4DF2-8D68-892C9DD47ED1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:etrust_audit_aries:1.5:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "473DC00E-B779-4CB4-A165-DE2954F225C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:etrust_audit_aries:1.5:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "A7A0ED34-94B3-447E-8CF2-8439FAF05894",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:etrust_directory:8.1_web_components:*:*:*:*:*:*:*",
              "matchCriteriaId": "F148F27B-50D6-4C29-BC9D-1E11B783808D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:etrust_secure_content_manager:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DB54A16-5E56-46FC-A49C-56C98C0B8F1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:unicenter_application_performance_monitor:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "96C5D628-2CBB-4ED1-B7C1-C2ABE6A8E2FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:unicenter_application_server_managment:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "54A75987-8E51-4D25-965D-343E8F07BC25",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:unicenter_ca_web_services_distributed_management:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "48726411-E052-4F4A-9EAC-7616059E3599",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:unicenter_exchange_management_console:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1ADE61A-3096-4079-B586-00B977B5E523",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:unicenter_management:3.5:*:websphere_mq:*:*:*:*:*",
              "matchCriteriaId": "0FE2A55B-A89D-470E-8E9E-4B1B0FB1C4C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:unicenter_management:11.0:*:weblogic:*:*:*:*:*",
              "matchCriteriaId": "07E5BAC2-FF02-4ADC-9939-AE93B60E53E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:unicenter_management:11.0:*:websphere:*:*:*:*:*",
              "matchCriteriaId": "DBB1EA1F-57BA-4850-B5C2-6900A1DE80CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:unicenter_service_catalog_fulfillment_accounting:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8045AE85-40C1-4122-B073-8579E84B88D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:unicenter_service_fulfillment:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E8DB1604-AFCB-4D37-9665-9725119570F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:unicenter_service_level_management:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF170A77-7B4D-4B0F-BA7C-05773E03DFE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:unicenter_web_server_management:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "11364903-CA67-499C-9BE8-36B01FD7E7A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:unicenter_web_services_distributed_management:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "83DFAC82-1835-49EE-AE88-BFFFD2D6C2B9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field."
    }
  ],
  "id": "CVE-2005-3653",
  "lastModified": "2024-11-21T00:02:21.310",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=full-disclosure\u0026m=113803349715927\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18591"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/380"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1015526"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.osvdb.org/22688"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/423288/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/423403/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16354"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/0311"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24269"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=full-disclosure\u0026m=113803349715927\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18591"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/380"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1015526"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.osvdb.org/22688"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/423288/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/423403/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/16354"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/0311"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24269"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2005-3653

Vulnerability from cvelistv5

Published

2006-01-23 20:00

Modified

2024-08-07 23:17

Severity ?

Summary

References

▼	URL	Tags
	http://securitytracker.com/id?1015526	vdb-entry, x_refsource_SECTRACK
	http://marc.info/?l=full-disclosure&m=113803349715927&w=2	mailing-list, x_refsource_FULLDISC
	http://www.osvdb.org/22688	vdb-entry, x_refsource_OSVDB
	http://secunia.com/advisories/18591	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/bid/16354	vdb-entry, x_refsource_BID
	http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778	x_refsource_CONFIRM
	http://securityreason.com/securityalert/380	third-party-advisory, x_refsource_SREASON
	https://exchange.xforce.ibmcloud.com/vulnerabilities/24269	vdb-entry, x_refsource_XF
	http://www.vupen.com/english/advisories/2006/0311	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/archive/1/423288/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376	third-party-advisory, x_refsource_IDEFENSE
	http://www.securityfocus.com/archive/1/423403/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:17:23.637Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1015526",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015526"
          },
          {
            "name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=full-disclosure\u0026m=113803349715927\u0026w=2"
          },
          {
            "name": "22688",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/22688"
          },
          {
            "name": "18591",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18591"
          },
          {
            "name": "16354",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16354"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778"
          },
          {
            "name": "380",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/380"
          },
          {
            "name": "ca-igateway-contentlength-bo(24269)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24269"
          },
          {
            "name": "ADV-2006-0311",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0311"
          },
          {
            "name": "20060127 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability [v1.1]",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/423288/100/0/threaded"
          },
          {
            "name": "20060123 Computer Associates iTechnology iGateway Service Content-Length Buffer Overflow",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376"
          },
          {
            "name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/423403/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-01-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-19T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1015526",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015526"
        },
        {
          "name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://marc.info/?l=full-disclosure\u0026m=113803349715927\u0026w=2"
        },
        {
          "name": "22688",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/22688"
        },
        {
          "name": "18591",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18591"
        },
        {
          "name": "16354",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16354"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778"
        },
        {
          "name": "380",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/380"
        },
        {
          "name": "ca-igateway-contentlength-bo(24269)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24269"
        },
        {
          "name": "ADV-2006-0311",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0311"
        },
        {
          "name": "20060127 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability [v1.1]",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/423288/100/0/threaded"
        },
        {
          "name": "20060123 Computer Associates iTechnology iGateway Service Content-Length Buffer Overflow",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376"
        },
        {
          "name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/423403/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-3653",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1015526",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015526"
            },
            {
              "name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability",
              "refsource": "FULLDISC",
              "url": "http://marc.info/?l=full-disclosure\u0026m=113803349715927\u0026w=2"
            },
            {
              "name": "22688",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/22688"
            },
            {
              "name": "18591",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18591"
            },
            {
              "name": "16354",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/16354"
            },
            {
              "name": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778",
              "refsource": "CONFIRM",
              "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778"
            },
            {
              "name": "380",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/380"
            },
            {
              "name": "ca-igateway-contentlength-bo(24269)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24269"
            },
            {
              "name": "ADV-2006-0311",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0311"
            },
            {
              "name": "20060127 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability [v1.1]",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/423288/100/0/threaded"
            },
            {
              "name": "20060123 Computer Associates iTechnology iGateway Service Content-Length Buffer Overflow",
              "refsource": "IDEFENSE",
              "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376"
            },
            {
              "name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/423403/100/0/threaded"
            },
            {
              "name": "http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp",
              "refsource": "CONFIRM",
              "url": "http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-3653",
    "datePublished": "2006-01-23T20:00:00",
    "dateReserved": "2005-11-18T00:00:00",
    "dateUpdated": "2024-08-07T23:17:23.637Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}