Search criteria
3 vulnerabilities found for unicenter_service_desk_knowledge_tools by broadcom
CVE-2005-3653 (GCVE-0-2005-3653)
Vulnerability from cvelistv5 – Published: 2006-01-23 20:00 – Updated: 2024-08-07 23:17
VLAI
Summary
Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
13 references
| URL | Tags |
|---|---|
| http://securitytracker.com/id?1015526 | vdb-entryx_refsource_SECTRACK |
| http://marc.info/?l=full-disclosure&m=11380334971… | mailing-listx_refsource_FULLDISC |
| http://www.osvdb.org/22688 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/18591 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/16354 | vdb-entryx_refsource_BID |
| http://www3.ca.com/securityadvisor/vulninfo/vuln.… | x_refsource_CONFIRM |
| http://securityreason.com/securityalert/380 | third-party-advisoryx_refsource_SREASON |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.vupen.com/english/advisories/2006/0311 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/archive/1/423288/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.idefense.com/intelligence/vulnerabilit… | third-party-advisoryx_refsource_IDEFENSE |
| http://www.securityfocus.com/archive/1/423403/100… | mailing-listx_refsource_BUGTRAQ |
| http://supportconnectw.ca.com/public/ca_common_do… | x_refsource_CONFIRM |
Date Public
2006-01-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:17:23.637Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1015526",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015526"
},
{
"name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=113803349715927\u0026w=2"
},
{
"name": "22688",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/22688"
},
{
"name": "18591",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18591"
},
{
"name": "16354",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16354"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778"
},
{
"name": "380",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/380"
},
{
"name": "ca-igateway-contentlength-bo(24269)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24269"
},
{
"name": "ADV-2006-0311",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0311"
},
{
"name": "20060127 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability [v1.1]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/423288/100/0/threaded"
},
{
"name": "20060123 Computer Associates iTechnology iGateway Service Content-Length Buffer Overflow",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376"
},
{
"name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/423403/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1015526",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015526"
},
{
"name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=113803349715927\u0026w=2"
},
{
"name": "22688",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/22688"
},
{
"name": "18591",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18591"
},
{
"name": "16354",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16354"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778"
},
{
"name": "380",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/380"
},
{
"name": "ca-igateway-contentlength-bo(24269)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24269"
},
{
"name": "ADV-2006-0311",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0311"
},
{
"name": "20060127 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability [v1.1]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/423288/100/0/threaded"
},
{
"name": "20060123 Computer Associates iTechnology iGateway Service Content-Length Buffer Overflow",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376"
},
{
"name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/423403/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3653",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1015526",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015526"
},
{
"name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=113803349715927\u0026w=2"
},
{
"name": "22688",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22688"
},
{
"name": "18591",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18591"
},
{
"name": "16354",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16354"
},
{
"name": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778",
"refsource": "CONFIRM",
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778"
},
{
"name": "380",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/380"
},
{
"name": "ca-igateway-contentlength-bo(24269)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24269"
},
{
"name": "ADV-2006-0311",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0311"
},
{
"name": "20060127 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability [v1.1]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/423288/100/0/threaded"
},
{
"name": "20060123 Computer Associates iTechnology iGateway Service Content-Length Buffer Overflow",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376"
},
{
"name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/423403/100/0/threaded"
},
{
"name": "http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3653",
"datePublished": "2006-01-23T20:00:00.000Z",
"dateReserved": "2005-11-18T00:00:00.000Z",
"dateUpdated": "2024-08-07T23:17:23.637Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
FKIE_CVE-2005-3653
Vulnerability from fkie_nvd - Published: 2005-12-31 05:00 - Updated: 2026-04-16 00:27
Severity
Summary
Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F52790F8-0D23-47F4-B7F7-6CB0F7B6EA14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "477EE032-D183-478F-A2BF-6165277A7414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB993B2-9A44-40E2-AA05-0CAD04BDC26D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7461AE5-2067-4964-93B7-560CD02CEAC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_portal:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7F206D15-FF0D-400E-9727-5DA6C07B57EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_process_automation_manager:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BD04989D-D045-4693-87DA-16754D9BF644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_san_manager:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FA67A49C-688A-4B6E-8B90-BEC937FCEE20",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_san_manager:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FFD847AD-8AD1-40C1-9582-CC234D900CEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_storage_resource_manager:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "70D35A8A-BB31-4FC6-8031-D93FE7347A10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_storage_resource_manager:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A7384B78-1F35-4DB4-A128-EBE33FD70C8A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_storage_resource_manager:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B3F5A1F3-EEE3-4187-9F44-545EB21EF121",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_storage_resource_manager:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "152FDE32-0525-4F1E-9BD5-A3EB47644B03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_admin:8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "08594EFB-E04B-42E8-BE00-C3ACDB62BA4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_audit_aries:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CBBF77AF-542C-49E8-8F5A-1C0DB73F2DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_audit_irecorder:1.5:sp2:*:*:*:*:*:*",
"matchCriteriaId": "6829D317-1AB6-471B-9CE4-563C4FFB290D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_audit_irecorder:1.5:sp3:*:*:*:*:*:*",
"matchCriteriaId": "571D4793-63EE-4A9D-991B-0F92842BDF58",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_audit_irecorder:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F182A43-4999-441D-9B37-093E033BAADC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_identity_minder:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6DF2F1AC-CF62-47CE-96B3-08CE412A7D0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:etrust_integrated_threat_management:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "045F1ADA-E9D1-4C8B-9275-040939E73A6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:itechnology_igateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AA60254A-F0BE-4E53-9D04-C3F4D80E662D",
"versionEndIncluding": "4.0.050615",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:unicenter_asset_portfolio_management:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D3358719-780A-41E1-A09A-7C27C921D6DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:unicenter_autosys_jm:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "388A5565-442B-441C-B727-586B23FE8540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:unicenter_service_delivery:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "137A1E55-CDF0-49FF-9A63-5FB44BA9FC40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:unicenter_service_desk:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F2247ED3-2CF1-49A5-9456-F51164A1D220",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:unicenter_service_desk_knowledge_tools:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3046725F-B0C5-4625-AE5D-8B6C7DC9A085",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:unicenter_service_fulfillment:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CF7FADA4-429F-4658-A47C-DCB13D6ED903",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:unicenter_service_metric_analysis:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "607CA384-B71B-460F-ACCF-ACCBC9C17FA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:*",
"matchCriteriaId": "6E236148-4A57-4FDC-A072-A77D3DD2DB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:brightstor_enterprise_backup:10.0:*:solaris:*:*:*:*:*",
"matchCriteriaId": "15862D0F-90C0-46A3-8457-B1FD8877CC74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:solaris:*:*:*:*:*",
"matchCriteriaId": "196FFF4A-1976-477B-927F-82A3CBECA530",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:tru64:*:*:*:*:*",
"matchCriteriaId": "5DC10E01-4694-4699-9C8D-328627F515D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:windows_64-bit:*:*:*:*:*",
"matchCriteriaId": "2C3C45FE-C057-4DF2-8D68-892C9DD47ED1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:etrust_audit_aries:1.5:sp2:*:*:*:*:*:*",
"matchCriteriaId": "473DC00E-B779-4CB4-A165-DE2954F225C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:etrust_audit_aries:1.5:sp3:*:*:*:*:*:*",
"matchCriteriaId": "A7A0ED34-94B3-447E-8CF2-8439FAF05894",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:etrust_directory:8.1_web_components:*:*:*:*:*:*:*",
"matchCriteriaId": "F148F27B-50D6-4C29-BC9D-1E11B783808D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:etrust_secure_content_manager:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB54A16-5E56-46FC-A49C-56C98C0B8F1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:unicenter_application_performance_monitor:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "96C5D628-2CBB-4ED1-B7C1-C2ABE6A8E2FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:unicenter_application_server_managment:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54A75987-8E51-4D25-965D-343E8F07BC25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:unicenter_ca_web_services_distributed_management:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "48726411-E052-4F4A-9EAC-7616059E3599",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:unicenter_exchange_management_console:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F1ADE61A-3096-4079-B586-00B977B5E523",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:unicenter_management:3.5:*:websphere_mq:*:*:*:*:*",
"matchCriteriaId": "0FE2A55B-A89D-470E-8E9E-4B1B0FB1C4C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:unicenter_management:11.0:*:weblogic:*:*:*:*:*",
"matchCriteriaId": "07E5BAC2-FF02-4ADC-9939-AE93B60E53E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:unicenter_management:11.0:*:websphere:*:*:*:*:*",
"matchCriteriaId": "DBB1EA1F-57BA-4850-B5C2-6900A1DE80CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:unicenter_service_catalog_fulfillment_accounting:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8045AE85-40C1-4122-B073-8579E84B88D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:unicenter_service_fulfillment:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E8DB1604-AFCB-4D37-9665-9725119570F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:unicenter_service_level_management:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EF170A77-7B4D-4B0F-BA7C-05773E03DFE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:unicenter_web_server_management:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11364903-CA67-499C-9BE8-36B01FD7E7A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:unicenter_web_services_distributed_management:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "83DFAC82-1835-49EE-AE88-BFFFD2D6C2B9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field."
}
],
"id": "CVE-2005-3653",
"lastModified": "2026-04-16T00:27:16.627",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=full-disclosure\u0026m=113803349715927\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18591"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/380"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015526"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.osvdb.org/22688"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/423288/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/423403/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/16354"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/0311"
},
{
"source": "cve@mitre.org",
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24269"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=full-disclosure\u0026m=113803349715927\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18591"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/380"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015526"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.osvdb.org/22688"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/423288/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/423403/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/16354"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/0311"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24269"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2005-3653 (GCVE-0-2005-3653)
Vulnerability from nvd – Published: 2006-01-23 20:00 – Updated: 2024-08-07 23:17
VLAI
Summary
Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
13 references
| URL | Tags |
|---|---|
| http://securitytracker.com/id?1015526 | vdb-entryx_refsource_SECTRACK |
| http://marc.info/?l=full-disclosure&m=11380334971… | mailing-listx_refsource_FULLDISC |
| http://www.osvdb.org/22688 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/18591 | third-party-advisoryx_refsource_SECUNIA |
| http://www.securityfocus.com/bid/16354 | vdb-entryx_refsource_BID |
| http://www3.ca.com/securityadvisor/vulninfo/vuln.… | x_refsource_CONFIRM |
| http://securityreason.com/securityalert/380 | third-party-advisoryx_refsource_SREASON |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.vupen.com/english/advisories/2006/0311 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/archive/1/423288/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.idefense.com/intelligence/vulnerabilit… | third-party-advisoryx_refsource_IDEFENSE |
| http://www.securityfocus.com/archive/1/423403/100… | mailing-listx_refsource_BUGTRAQ |
| http://supportconnectw.ca.com/public/ca_common_do… | x_refsource_CONFIRM |
Date Public
2006-01-23 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:17:23.637Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1015526",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015526"
},
{
"name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=113803349715927\u0026w=2"
},
{
"name": "22688",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/22688"
},
{
"name": "18591",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18591"
},
{
"name": "16354",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16354"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778"
},
{
"name": "380",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/380"
},
{
"name": "ca-igateway-contentlength-bo(24269)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24269"
},
{
"name": "ADV-2006-0311",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0311"
},
{
"name": "20060127 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability [v1.1]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/423288/100/0/threaded"
},
{
"name": "20060123 Computer Associates iTechnology iGateway Service Content-Length Buffer Overflow",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376"
},
{
"name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/423403/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-23T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1015526",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015526"
},
{
"name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://marc.info/?l=full-disclosure\u0026m=113803349715927\u0026w=2"
},
{
"name": "22688",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/22688"
},
{
"name": "18591",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18591"
},
{
"name": "16354",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16354"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778"
},
{
"name": "380",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/380"
},
{
"name": "ca-igateway-contentlength-bo(24269)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24269"
},
{
"name": "ADV-2006-0311",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0311"
},
{
"name": "20060127 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability [v1.1]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/423288/100/0/threaded"
},
{
"name": "20060123 Computer Associates iTechnology iGateway Service Content-Length Buffer Overflow",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376"
},
{
"name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/423403/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3653",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1015526",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015526"
},
{
"name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability",
"refsource": "FULLDISC",
"url": "http://marc.info/?l=full-disclosure\u0026m=113803349715927\u0026w=2"
},
{
"name": "22688",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22688"
},
{
"name": "18591",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18591"
},
{
"name": "16354",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16354"
},
{
"name": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778",
"refsource": "CONFIRM",
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778"
},
{
"name": "380",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/380"
},
{
"name": "ca-igateway-contentlength-bo(24269)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24269"
},
{
"name": "ADV-2006-0311",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0311"
},
{
"name": "20060127 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability [v1.1]",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/423288/100/0/threaded"
},
{
"name": "20060123 Computer Associates iTechnology iGateway Service Content-Length Buffer Overflow",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376"
},
{
"name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/423403/100/0/threaded"
},
{
"name": "http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3653",
"datePublished": "2006-01-23T20:00:00.000Z",
"dateReserved": "2005-11-18T00:00:00.000Z",
"dateUpdated": "2024-08-07T23:17:23.637Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}