certfr_avis - CERTA-2007-AVI-275

CERTA-2007-AVI-275

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités affectant la base de données Ingres permettent l'exécution de code arbitraire à distance.

Description

Sept vulnérabilités affectant la base de données Ingres ont été rendues publiques. Plusieurs de ces vulnérabilités permettent l'exécution de code arbitraire à distance, sans authentification préalable. L'exploitation d'une de ces vulnérabilités se fait par l'intermédiaire de paquets malformés envoyés aux services iigcc (port 10916/tcp) et iigcd (port 10923/tcp).

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Ingres 2006 version 9.0.4 ;
Ingres r3 ;
Ingres 2.6 ;
Ingres 2.5.

Les versions vulnérables d'Ingres sont intégrées dans les produits suivants :

Advantage Data Transformer r2.2 ;
AllFusion Enterprise Workbench r1.1, 1.1 SP1, r7, r7.1 ;
AllFusion Harvest Change Manager r7, r7.1 ;
BrightStor ARCserve Backup v9 (Linux seulement), r11.1, r11.5 (Unix, Linux et Mainframe Linux) ;
BrightStor ARCserve Backup for Laptops and Desktops r11.5 ;
BrightStor Enterprise Backup (Unix seulement) t10.5 ;
BrightStor Storage Command Center r11.5 ;
BrightStor Storage Resource Manager r11.5 ;
CleverPath Aio Business Rules Expert r10.1 ;
CleverPath Predictive Analysis Server r3 ;
DocServer 1.1 ;
eTrust Admin v8, v8.1, r8.1 SP1, r8.1 SP2 ;
eTrust Audit r8 SP2 ;
eTrust Directory r8.1 ;
eTrust IAM Suite r8.0 ;
eTrust IAM Toolkit r8.0, r8.1 ;
eTrust Identity Manager r8.1 ;
eTrust Network Forensics r8.1 ;
eTrust Secure Content Manager r8 ;
eTrust Single Sign-On r7, r8, r8.1 ;
eTrust Web Access Control 1.0 ;
Unicenter Advanced Systems Management r11 ;
Unicenter Asset Intelligence r11 ;
Unicenter Asset Portfolio Management r11 r2.1, r11.3 ;
Unicenter CCS r11 ;
Unicenter Database Command Center r11.1 ;
Unicenter Desktop and Server Management r11 ;
Unicenter Desktop Management Suite r11 ;
Unicenter Enterprise Job Manager r1 SP3, r1 SP4 ;
Unicenter Job Management Option r11 ;
Unicenter Lightweight Portal 2 ;
Unicenter Management Portal r3.1.1 ;
Unicenter Network and Systems Management r3.0, r11 ;
Unicenter Network and Systems Management - Tiered - Multi Platform r3.0 0305, r3.1 0403, r11.0 ;
Unicenter Patch Management r11 ;
Unicenter Remote Control 6, r11 ;
Unicenter Service Accounting r11, r11.1 ;
Unicenter Service Assure r2.2, r11, r11.1 ;
Unicenter Service Catalog r11, r11.1 ;
Unicenter Service Delivery r11.0, r11.1 ;
Unicenter Service Intelligence r11 ;
Unicenter Service Metric Analysis r3.0.2, r3.5, r11, r11.1 ;
Unicenter ServicePlus Service Desk 5.5 SP3, 6.0, 6.0 SP1, r11, r11.1, r11.2 ;
Unicenter Software Delivery r11 ;
Unicenter TNG 2.4, 2.4.2, 2.4.2J ;
Unicenter Workload Control Center r1 SP3, r1 SP4 ;
Unicenter Web Services Distributed Management 3.11, 3.50 ;
Wily SOA Manager 7.1.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletins de sécurité Computer Associates du 21 juin 2007

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cUL\u003e    \u003cLI\u003eIngres 2006 version 9.0.4 ;\u003c/LI\u003e    \u003cLI\u003eIngres r3 ;\u003c/LI\u003e    \u003cLI\u003eIngres 2.6 ;\u003c/LI\u003e    \u003cLI\u003eIngres 2.5.\u003c/LI\u003e  \u003c/UL\u003e  \u003cP\u003eLes versions vuln\u00e9rables d\u0027\u003cSPAN class=\"textit\"\u003eIngres\u003c/SPAN\u003e  sont int\u00e9gr\u00e9es dans les produits suivants :\u003c/P\u003e  \u003cUL\u003e    \u003cLI\u003eAdvantage Data Transformer r2.2 ;\u003c/LI\u003e    \u003cLI\u003eAllFusion Enterprise Workbench r1.1, 1.1 SP1, r7, r7.1    ;\u003c/LI\u003e    \u003cLI\u003eAllFusion Harvest Change Manager r7, r7.1 ;\u003c/LI\u003e    \u003cLI\u003eBrightStor ARCserve Backup v9 (Linux seulement), r11.1,    r11.5 (Unix, Linux et Mainframe Linux) ;\u003c/LI\u003e    \u003cLI\u003eBrightStor ARCserve Backup for Laptops and Desktops r11.5    ;\u003c/LI\u003e    \u003cLI\u003eBrightStor Enterprise Backup (Unix seulement) t10.5 ;\u003c/LI\u003e    \u003cLI\u003eBrightStor Storage Command Center r11.5 ;\u003c/LI\u003e    \u003cLI\u003eBrightStor Storage Resource Manager r11.5 ;\u003c/LI\u003e    \u003cLI\u003eCleverPath Aio Business Rules Expert r10.1 ;\u003c/LI\u003e    \u003cLI\u003eCleverPath Predictive Analysis Server r3 ;\u003c/LI\u003e    \u003cLI\u003eDocServer 1.1 ;\u003c/LI\u003e    \u003cLI\u003eeTrust Admin v8, v8.1, r8.1 SP1, r8.1 SP2 ;\u003c/LI\u003e    \u003cLI\u003eeTrust Audit r8 SP2 ;\u003c/LI\u003e    \u003cLI\u003eeTrust Directory r8.1 ;\u003c/LI\u003e    \u003cLI\u003eeTrust IAM Suite r8.0 ;\u003c/LI\u003e    \u003cLI\u003eeTrust IAM Toolkit r8.0, r8.1 ;\u003c/LI\u003e    \u003cLI\u003eeTrust Identity Manager r8.1 ;\u003c/LI\u003e    \u003cLI\u003eeTrust Network Forensics r8.1 ;\u003c/LI\u003e    \u003cLI\u003eeTrust Secure Content Manager r8 ;\u003c/LI\u003e    \u003cLI\u003eeTrust Single Sign-On r7, r8, r8.1 ;\u003c/LI\u003e    \u003cLI\u003eeTrust Web Access Control 1.0 ;\u003c/LI\u003e    \u003cLI\u003eUnicenter Advanced Systems Management r11 ;\u003c/LI\u003e    \u003cLI\u003eUnicenter Asset Intelligence r11 ;\u003c/LI\u003e    \u003cLI\u003eUnicenter Asset Portfolio Management r11 r2.1, r11.3 ;\u003c/LI\u003e    \u003cLI\u003eUnicenter CCS r11 ;\u003c/LI\u003e    \u003cLI\u003eUnicenter Database Command Center r11.1 ;\u003c/LI\u003e    \u003cLI\u003eUnicenter Desktop and Server Management r11 ;\u003c/LI\u003e    \u003cLI\u003eUnicenter Desktop Management Suite r11 ;\u003c/LI\u003e    \u003cLI\u003eUnicenter Enterprise Job Manager r1 SP3, r1 SP4 ;\u003c/LI\u003e    \u003cLI\u003eUnicenter Job Management Option r11 ;\u003c/LI\u003e    \u003cLI\u003eUnicenter Lightweight Portal 2 ;\u003c/LI\u003e    \u003cLI\u003eUnicenter Management Portal r3.1.1 ;\u003c/LI\u003e    \u003cLI\u003eUnicenter Network and Systems Management r3.0, r11 ;\u003c/LI\u003e    \u003cLI\u003eUnicenter Network and Systems Management - Tiered - Multi    Platform r3.0 0305, r3.1 0403, r11.0 ;\u003c/LI\u003e    \u003cLI\u003eUnicenter Patch Management r11 ;\u003c/LI\u003e    \u003cLI\u003eUnicenter Remote Control 6, r11 ;\u003c/LI\u003e    \u003cLI\u003eUnicenter Service Accounting r11, r11.1 ;\u003c/LI\u003e    \u003cLI\u003eUnicenter Service Assure r2.2, r11, r11.1 ;\u003c/LI\u003e    \u003cLI\u003eUnicenter Service Catalog r11, r11.1 ;\u003c/LI\u003e    \u003cLI\u003eUnicenter Service Delivery r11.0, r11.1 ;\u003c/LI\u003e    \u003cLI\u003eUnicenter Service Intelligence r11 ;\u003c/LI\u003e    \u003cLI\u003eUnicenter Service Metric Analysis r3.0.2, r3.5, r11, r11.1    ;\u003c/LI\u003e    \u003cLI\u003eUnicenter ServicePlus Service Desk 5.5 SP3, 6.0, 6.0 SP1,    r11, r11.1, r11.2 ;\u003c/LI\u003e    \u003cLI\u003eUnicenter Software Delivery r11 ;\u003c/LI\u003e    \u003cLI\u003eUnicenter TNG 2.4, 2.4.2, 2.4.2J ;\u003c/LI\u003e    \u003cLI\u003eUnicenter Workload Control Center r1 SP3, r1 SP4 ;\u003c/LI\u003e    \u003cLI\u003eUnicenter Web Services Distributed Management 3.11, 3.50    ;\u003c/LI\u003e    \u003cLI\u003eWily SOA Manager 7.1.\u003c/LI\u003e  \u003c/UL\u003e",
  "content": "## Description\n\nSept vuln\u00e9rabilit\u00e9s affectant la base de donn\u00e9es Ingres ont \u00e9t\u00e9 rendues\npubliques. Plusieurs de ces vuln\u00e9rabilit\u00e9s permettent l\u0027ex\u00e9cution de\ncode arbitraire \u00e0 distance, sans authentification pr\u00e9alable.\nL\u0027exploitation d\u0027une de ces vuln\u00e9rabilit\u00e9s se fait par l\u0027interm\u00e9diaire\nde paquets malform\u00e9s envoy\u00e9s aux services iigcc (port 10916/tcp) et\niigcd (port 10923/tcp).\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-3338",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3338"
    },
    {
      "name": "CVE-2007-3334",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3334"
    },
    {
      "name": "CVE-2007-3337",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3337"
    },
    {
      "name": "CVE-2007-3336",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3336"
    }
  ],
  "links": [],
  "reference": "CERTA-2007-AVI-275",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-06-22T00:00:00.000000"
    },
    {
      "description": "ajout des produits affect\u00e9s int\u00e9grant une version vuln\u00e9rable d\u0027Ingres, ajout des r\u00e9f\u00e9rences CVE et d\u0027un bulletin de s\u00e9curit\u00e9 Computer Associates.",
      "revision_date": "2007-06-25T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s affectant la base de donn\u00e9es \u003cspan\nclass=\"textit\"\u003eIngres\u003c/span\u003e permettent l\u0027ex\u00e9cution de code arbitraire \u00e0\ndistance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Ingres",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletins de s\u00e9curit\u00e9 Computer Associates du 21 juin 2007",
      "url": "http://www.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=145778"
    }
  ]
}

CVE-2007-3337 (GCVE-0-2007-3337)

Vulnerability from cvelistv5 – Published: 2007-06-22 18:00 – Updated: 2024-08-07 14:14

Summary

wakeup in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (Computer Associates) products, allows local users to truncate arbitrary files via a symlink attack on the alarmwkp.def file.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.vupen.com/english/advisories/2007/2288	vdb-entryx_refsource_VUPEN
	http://www.ca.com/us/securityadvisor/newsinfo/col…	x_refsource_CONFIRM
	http://secunia.com/advisories/25756	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/25775	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2007/2290	vdb-entryx_refsource_VUPEN
	http://supportconnectw.ca.com/public/ca_common_do…	x_refsource_CONFIRM
	http://www.ngssoftware.com/advisories/medium-risk…	x_refsource_MISC
	http://osvdb.org/37485	vdb-entryx_refsource_OSVDB
	http://www.securityfocus.com/archive/1/472200/100…	mailing-listx_refsource_BUGTRAQ
	http://www.ca.com/us/securityadvisor/vulninfo/vul…	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/24585	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:14:12.867Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2007-2288",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2288"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778"
          },
          {
            "name": "25756",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25756"
          },
          {
            "name": "25775",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25775"
          },
          {
            "name": "ADV-2007-2290",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2290"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.ngssoftware.com/advisories/medium-risk-vulnerability-in-ingres-file-truncation/"
          },
          {
            "name": "37485",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/37485"
          },
          {
            "name": "20070625 Ingres wakeup setuid(ingres) file truncation",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/472200/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35451"
          },
          {
            "name": "24585",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/24585"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-06-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "wakeup in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (Computer Associates) products, allows local users to truncate arbitrary files via a symlink attack on the alarmwkp.def file."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2007-2288",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2288"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778"
        },
        {
          "name": "25756",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25756"
        },
        {
          "name": "25775",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25775"
        },
        {
          "name": "ADV-2007-2290",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2290"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.ngssoftware.com/advisories/medium-risk-vulnerability-in-ingres-file-truncation/"
        },
        {
          "name": "37485",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/37485"
        },
        {
          "name": "20070625 Ingres wakeup setuid(ingres) file truncation",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/472200/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35451"
        },
        {
          "name": "24585",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/24585"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-3337",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "wakeup in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (Computer Associates) products, allows local users to truncate arbitrary files via a symlink attack on the alarmwkp.def file."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2007-2288",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2288"
            },
            {
              "name": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778",
              "refsource": "CONFIRM",
              "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778"
            },
            {
              "name": "25756",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25756"
            },
            {
              "name": "25775",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25775"
            },
            {
              "name": "ADV-2007-2290",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2290"
            },
            {
              "name": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp",
              "refsource": "CONFIRM",
              "url": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp"
            },
            {
              "name": "http://www.ngssoftware.com/advisories/medium-risk-vulnerability-in-ingres-file-truncation/",
              "refsource": "MISC",
              "url": "http://www.ngssoftware.com/advisories/medium-risk-vulnerability-in-ingres-file-truncation/"
            },
            {
              "name": "37485",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/37485"
            },
            {
              "name": "20070625 Ingres wakeup setuid(ingres) file truncation",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/472200/100/0/threaded"
            },
            {
              "name": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35451",
              "refsource": "CONFIRM",
              "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35451"
            },
            {
              "name": "24585",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/24585"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-3337",
    "datePublished": "2007-06-22T18:00:00",
    "dateReserved": "2007-06-21T00:00:00",
    "dateUpdated": "2024-08-07T14:14:12.867Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2007-3336 (GCVE-0-2007-3336)

Vulnerability from cvelistv5 – Published: 2007-06-22 18:00 – Updated: 2024-08-07 14:14

Summary

Multiple "pointer overwrite" vulnerabilities in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (formerly Computer Associates) products, allow remote attackers to execute arbitrary code by sending certain TCP data at different times to the Ingres Communications Server Process (iigcc), which calls the (1) QUinsert or (2) QUremove functions with attacker-controlled input.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.vupen.com/english/advisories/2007/2288	vdb-entryx_refsource_VUPEN
	http://www.ca.com/us/securityadvisor/newsinfo/col…	x_refsource_CONFIRM
	http://secunia.com/advisories/25756	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/25775	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2007/2290	vdb-entryx_refsource_VUPEN
	http://supportconnectw.ca.com/public/ca_common_do…	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securityfocus.com/bid/24585	vdb-entryx_refsource_BID
	http://osvdb.org/37486	vdb-entryx_refsource_OSVDB
	http://archives.neohapsis.com/archives/bugtraq/20…	mailing-listx_refsource_BUGTRAQ
	http://www.securityfocus.com/archive/1/472193/100…	mailing-listx_refsource_BUGTRAQ
	http://www.ngssoftware.com/advisories/critical-ri…	x_refsource_MISC
	http://www.ngssoftware.com/advisories/critical-ri…	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:14:12.898Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2007-2288",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2288"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778"
          },
          {
            "name": "25756",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25756"
          },
          {
            "name": "25775",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25775"
          },
          {
            "name": "ADV-2007-2290",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2290"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp"
          },
          {
            "name": "ingres-unspecified-code-execution(34993)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34993"
          },
          {
            "name": "ingres-pointer-code-execution(35000)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35000"
          },
          {
            "name": "24585",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/24585"
          },
          {
            "name": "37486",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/37486"
          },
          {
            "name": "20070625 Ingres Unauthenticated Pointer Overwrite 1",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2007-06/0302.html"
          },
          {
            "name": "20070625 Ingres Unauthenticated Pointer Overwrite 2",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/472193/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.ngssoftware.com/advisories/critical-risk-vulnerability-in-ingres-pointer-overwrite-1/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.ngssoftware.com/advisories/critical-risk-vulnerability-in-ingres-pointer-overwrite-2/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-06-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple \"pointer overwrite\" vulnerabilities in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (formerly Computer Associates) products, allow remote attackers to execute arbitrary code by sending certain TCP data at different times to the Ingres Communications Server Process (iigcc), which calls the (1) QUinsert or (2) QUremove functions with attacker-controlled input."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2007-2288",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2288"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778"
        },
        {
          "name": "25756",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25756"
        },
        {
          "name": "25775",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25775"
        },
        {
          "name": "ADV-2007-2290",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2290"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp"
        },
        {
          "name": "ingres-unspecified-code-execution(34993)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34993"
        },
        {
          "name": "ingres-pointer-code-execution(35000)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35000"
        },
        {
          "name": "24585",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/24585"
        },
        {
          "name": "37486",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/37486"
        },
        {
          "name": "20070625 Ingres Unauthenticated Pointer Overwrite 1",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2007-06/0302.html"
        },
        {
          "name": "20070625 Ingres Unauthenticated Pointer Overwrite 2",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/472193/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.ngssoftware.com/advisories/critical-risk-vulnerability-in-ingres-pointer-overwrite-1/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.ngssoftware.com/advisories/critical-risk-vulnerability-in-ingres-pointer-overwrite-2/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-3336",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple \"pointer overwrite\" vulnerabilities in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (formerly Computer Associates) products, allow remote attackers to execute arbitrary code by sending certain TCP data at different times to the Ingres Communications Server Process (iigcc), which calls the (1) QUinsert or (2) QUremove functions with attacker-controlled input."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2007-2288",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2288"
            },
            {
              "name": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778",
              "refsource": "CONFIRM",
              "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778"
            },
            {
              "name": "25756",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25756"
            },
            {
              "name": "25775",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25775"
            },
            {
              "name": "ADV-2007-2290",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2290"
            },
            {
              "name": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp",
              "refsource": "CONFIRM",
              "url": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp"
            },
            {
              "name": "ingres-unspecified-code-execution(34993)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34993"
            },
            {
              "name": "ingres-pointer-code-execution(35000)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35000"
            },
            {
              "name": "24585",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/24585"
            },
            {
              "name": "37486",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/37486"
            },
            {
              "name": "20070625 Ingres Unauthenticated Pointer Overwrite 1",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2007-06/0302.html"
            },
            {
              "name": "20070625 Ingres Unauthenticated Pointer Overwrite 2",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/472193/100/0/threaded"
            },
            {
              "name": "http://www.ngssoftware.com/advisories/critical-risk-vulnerability-in-ingres-pointer-overwrite-1/",
              "refsource": "MISC",
              "url": "http://www.ngssoftware.com/advisories/critical-risk-vulnerability-in-ingres-pointer-overwrite-1/"
            },
            {
              "name": "http://www.ngssoftware.com/advisories/critical-risk-vulnerability-in-ingres-pointer-overwrite-2/",
              "refsource": "MISC",
              "url": "http://www.ngssoftware.com/advisories/critical-risk-vulnerability-in-ingres-pointer-overwrite-2/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-3336",
    "datePublished": "2007-06-22T18:00:00",
    "dateReserved": "2007-06-21T00:00:00",
    "dateUpdated": "2024-08-07T14:14:12.898Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2007-3334 (GCVE-0-2007-3334)

Vulnerability from cvelistv5 – Published: 2007-06-21 22:00 – Updated: 2024-08-07 14:14

Summary

Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.vupen.com/english/advisories/2007/2288	vdb-entryx_refsource_VUPEN
	http://www.ca.com/us/securityadvisor/newsinfo/col…	x_refsource_CONFIRM
	http://labs.idefense.com/intelligence/vulnerabili…	third-party-advisoryx_refsource_IDEFENSE
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://secunia.com/advisories/25756	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/25775	third-party-advisoryx_refsource_SECUNIA
	http://osvdb.org/37488	vdb-entryx_refsource_OSVDB
	http://www.vupen.com/english/advisories/2007/2290	vdb-entryx_refsource_VUPEN
	http://supportconnectw.ca.com/public/ca_common_do…	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://osvdb.org/37487	vdb-entryx_refsource_OSVDB
	http://www.securitytracker.com/id?1018278	vdb-entryx_refsource_SECTRACK
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securityfocus.com/bid/24585	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:14:12.912Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ADV-2007-2288",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2288"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778"
          },
          {
            "name": "20070621 Ingres Database Multiple Heap Corruption Vulnerabilities",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546"
          },
          {
            "name": "ingres-wakeup-privilege-escalation(35002)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35002"
          },
          {
            "name": "25756",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25756"
          },
          {
            "name": "25775",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25775"
          },
          {
            "name": "37488",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/37488"
          },
          {
            "name": "ADV-2007-2290",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2290"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp"
          },
          {
            "name": "ingres-communications-server-bo(34991)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34991"
          },
          {
            "name": "37487",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/37487"
          },
          {
            "name": "1018278",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018278"
          },
          {
            "name": "ingres-data-access-server-bo(34992)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34992"
          },
          {
            "name": "24585",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/24585"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-06-21T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ADV-2007-2288",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2288"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778"
        },
        {
          "name": "20070621 Ingres Database Multiple Heap Corruption Vulnerabilities",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546"
        },
        {
          "name": "ingres-wakeup-privilege-escalation(35002)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35002"
        },
        {
          "name": "25756",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25756"
        },
        {
          "name": "25775",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25775"
        },
        {
          "name": "37488",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/37488"
        },
        {
          "name": "ADV-2007-2290",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2290"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp"
        },
        {
          "name": "ingres-communications-server-bo(34991)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34991"
        },
        {
          "name": "37487",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/37487"
        },
        {
          "name": "1018278",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018278"
        },
        {
          "name": "ingres-data-access-server-bo(34992)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34992"
        },
        {
          "name": "24585",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/24585"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-3334",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ADV-2007-2288",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2288"
            },
            {
              "name": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778",
              "refsource": "CONFIRM",
              "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778"
            },
            {
              "name": "20070621 Ingres Database Multiple Heap Corruption Vulnerabilities",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=546"
            },
            {
              "name": "ingres-wakeup-privilege-escalation(35002)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35002"
            },
            {
              "name": "25756",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25756"
            },
            {
              "name": "25775",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25775"
            },
            {
              "name": "37488",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/37488"
            },
            {
              "name": "ADV-2007-2290",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2290"
            },
            {
              "name": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp",
              "refsource": "CONFIRM",
              "url": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp"
            },
            {
              "name": "ingres-communications-server-bo(34991)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34991"
            },
            {
              "name": "37487",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/37487"
            },
            {
              "name": "1018278",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018278"
            },
            {
              "name": "ingres-data-access-server-bo(34992)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34992"
            },
            {
              "name": "24585",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/24585"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-3334",
    "datePublished": "2007-06-21T22:00:00",
    "dateReserved": "2007-06-21T00:00:00",
    "dateUpdated": "2024-08-07T14:14:12.912Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2007-3338 (GCVE-0-2007-3338)

Vulnerability from cvelistv5 – Published: 2007-06-22 18:00 – Updated: 2024-08-07 14:14

Summary

Multiple stack-based buffer overflows in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (Computer Associates) products, allow remote attackers to execute arbitrary code via the (1) uuid_from_char or (2) duve_get_args functions.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.securityfocus.com/archive/1/472194/100…	mailing-listx_refsource_BUGTRAQ
	http://www.vupen.com/english/advisories/2007/2288	vdb-entryx_refsource_VUPEN
	http://www.ca.com/us/securityadvisor/newsinfo/col…	x_refsource_CONFIRM
	http://www.ngssoftware.com/advisories/high-risk-v…	x_refsource_MISC
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://secunia.com/advisories/25756	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/25775	third-party-advisoryx_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2007/2290	vdb-entryx_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securityfocus.com/archive/1/472197/100…	mailing-listx_refsource_BUGTRAQ
	http://supportconnectw.ca.com/public/ca_common_do…	x_refsource_CONFIRM
	http://www.ngssoftware.com/advisories/medium-risk…	x_refsource_MISC
	http://osvdb.org/37483	vdb-entryx_refsource_OSVDB
	http://www.securityfocus.com/bid/24585	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:14:12.888Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20070625 Ingres verifydb local stack overflow",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/472194/100/0/threaded"
          },
          {
            "name": "ADV-2007-2288",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2288"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-ingres-stack-overflow/"
          },
          {
            "name": "ingres-uuidfromchar-bo(34995)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34995"
          },
          {
            "name": "25756",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25756"
          },
          {
            "name": "25775",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25775"
          },
          {
            "name": "ADV-2007-2290",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2290"
          },
          {
            "name": "ingres-duvegetargs-bo(34998)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34998"
          },
          {
            "name": "20070625 Ingres stack overflow in uuid_from_char function",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/472197/100/0/threaded"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.ngssoftware.com/advisories/medium-risk-vulnerability-in-ingres-stack-overflow/"
          },
          {
            "name": "37483",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/37483"
          },
          {
            "name": "24585",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/24585"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-06-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple stack-based buffer overflows in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (Computer Associates) products, allow remote attackers to execute arbitrary code via the (1) uuid_from_char or (2) duve_get_args functions."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20070625 Ingres verifydb local stack overflow",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/472194/100/0/threaded"
        },
        {
          "name": "ADV-2007-2288",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2288"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-ingres-stack-overflow/"
        },
        {
          "name": "ingres-uuidfromchar-bo(34995)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34995"
        },
        {
          "name": "25756",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25756"
        },
        {
          "name": "25775",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25775"
        },
        {
          "name": "ADV-2007-2290",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2290"
        },
        {
          "name": "ingres-duvegetargs-bo(34998)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34998"
        },
        {
          "name": "20070625 Ingres stack overflow in uuid_from_char function",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/472197/100/0/threaded"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.ngssoftware.com/advisories/medium-risk-vulnerability-in-ingres-stack-overflow/"
        },
        {
          "name": "37483",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/37483"
        },
        {
          "name": "24585",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/24585"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-3338",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple stack-based buffer overflows in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (Computer Associates) products, allow remote attackers to execute arbitrary code via the (1) uuid_from_char or (2) duve_get_args functions."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20070625 Ingres verifydb local stack overflow",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/472194/100/0/threaded"
            },
            {
              "name": "ADV-2007-2288",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2288"
            },
            {
              "name": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778",
              "refsource": "CONFIRM",
              "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=145778"
            },
            {
              "name": "http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-ingres-stack-overflow/",
              "refsource": "MISC",
              "url": "http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-ingres-stack-overflow/"
            },
            {
              "name": "ingres-uuidfromchar-bo(34995)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34995"
            },
            {
              "name": "25756",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25756"
            },
            {
              "name": "25775",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25775"
            },
            {
              "name": "ADV-2007-2290",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2290"
            },
            {
              "name": "ingres-duvegetargs-bo(34998)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34998"
            },
            {
              "name": "20070625 Ingres stack overflow in uuid_from_char function",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/472197/100/0/threaded"
            },
            {
              "name": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp",
              "refsource": "CONFIRM",
              "url": "http://supportconnectw.ca.com/public/ca_common_docs/ingresvuln_letter.asp"
            },
            {
              "name": "http://www.ngssoftware.com/advisories/medium-risk-vulnerability-in-ingres-stack-overflow/",
              "refsource": "MISC",
              "url": "http://www.ngssoftware.com/advisories/medium-risk-vulnerability-in-ingres-stack-overflow/"
            },
            {
              "name": "37483",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/37483"
            },
            {
              "name": "24585",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/24585"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-3338",
    "datePublished": "2007-06-22T18:00:00",
    "dateReserved": "2007-06-21T00:00:00",
    "dateUpdated": "2024-08-07T14:14:12.888Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CERTA-2007-AVI-275

Description

Solution

CVE-2007-3337 (GCVE-0-2007-3337)

CVE-2007-3336 (GCVE-0-2007-3336)

CVE-2007-3334 (GCVE-0-2007-3334)

CVE-2007-3338 (GCVE-0-2007-3338)

Tags

Sightings

Nomenclature