Computer Associates License Service GETCONFIG buffer overflow

Added: 12/14/2005
CVE: CVE-2005-0581
BID: 12705
OSVDB: 14389

Background

The License service comes with most Computer Associates products and exchanges license information over ports 10202/tcp and 10203/tcp.

Problem

A buffer overflow vulnerability exists in the processing of GETCONFIG messages.

Resolution

Install the patch.

References

http://supportconnectw.ca.com/public/ca_common_docs/security_notice.asp
http://www.idefense.com/intelligence/vulnerabilities/display.php?id=213&type=vulnerabilities

Limitations

Exploit works on BrightStor ARCserve Backup 11.1.

For Linux targets, there is a two-minute delay before the connection is established.

Platforms

Windows 2000
Windows XP / Windows XP SP1
Windows XP SP2
Windows Server 2003
Red Hat / Linux
SuSE

Back to exploit index