what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

CVE-2005-0581

Status Candidate

Overview

Multiple buffer overflows in Computer Associates (CA) License Client and Server 0.1.0.15 allow remote attackers to execute arbitrary code via (1) certain long fields in the Checksum item in a GCR request, (2) a long IP address, hostname, or netmask values in a GCR request, (3) a long last parameter in a GETCONFIG packet, or (4) long values in a request with an invalid format.

Related Files

Computer Associates License Client GETCONFIG Overflow
Posted Feb 15, 2010
Authored by patrick, Thor Doomen | Site metasploit.com

This Metasploit module exploits an vulnerability in the CA License Client service. This exploit will only work if your IP address can be resolved from the target system point of view. This can be accomplished on a local network by running the 'nmbd' service that comes with Samba. If you are running this exploit from Windows and do not filter udp port 137, this should not be a problem (if the target is on the same network segment). Due to the bugginess of the software, you are only allowed one connection to the agent port before it starts ignoring you. If it wasn't for this issue, it would be possible to repeatedly exploit this bug.

tags | exploit, local, udp
systems | windows
advisories | CVE-2005-0581
SHA-256 | d3f07719ead763dc46245786376f69700d88d42ed26c7accf58521d0730e72de
Computer Associates License Server GETCONFIG Overflow
Posted Feb 15, 2010
Authored by patrick, Thor Doomen | Site metasploit.com

This Metasploit module exploits an vulnerability in the CA License Server network service. By sending an excessively long GETCONFIG packet the stack may be overwritten.

tags | exploit
advisories | CVE-2005-0581
SHA-256 | 7db5e725b318157687ab86443425c71c0753992cce2985a0cbb8dde1d0f979bc
CA BrightStor ARCserve License Service GCR NETWORK Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in Computer Associates BrightStor ARCserve Backup 11.0. By sending a specially crafted request to the lic98rmtd.exe service, an attacker could overflow the buffer and execute arbitrary code.

tags | exploit, overflow, arbitrary
advisories | CVE-2005-0581
SHA-256 | f898147c81fee57073362e43dcc4cf5fc962db6fc16bd1958616572dabebacf6
101_cali.c
Posted Mar 12, 2005
Authored by class101 | Site class101.org

This exploit takes advantage of a stack overflow vulnerability in the CA License Server network service. Versions 1.61 and below are susceptible.

tags | exploit, overflow
advisories | CVE-2005-0581
SHA-256 | 7d2cf16bb7713ea7d275c701f1c25126c9a157166b80c35eb4d2bbdd5353043e
calicserv_getconfig.pm
Posted Mar 5, 2005
Authored by Thor Doomen

This module exploits an vulnerability in the CA License Server network service. This is a simple stack overflow and just one of many serious problems with this software.

tags | exploit, overflow
advisories | CVE-2005-0581
SHA-256 | bf5126926d528fef10504d4baf7762d721fb352b140f76cf11829e96f5c69e14
calicclnt_getconfig.pm
Posted Mar 5, 2005
Authored by Thor Doomen

This module exploits a vulnerability in the CA License Client service. This exploit will only work if your IP address will resolve to the target system. This can be accomplished on a local network by running the nmbd service that comes with Samba. If you are running this exploit from Windows and do not filter udp port 137, this should not be a problem (if the target is on the same network segment). Due to the bugginess of the software, you are only allowed one connection to the agent port before it starts ignoring you. If it was not for this issue, it would be possible to repeatedly exploit this bug.

tags | exploit, local, udp
systems | windows
advisories | CVE-2005-0581
SHA-256 | 8f742b1d2f8f4be4c918b2a485a7be87c69a6f8c540baac8a0c7fa32f7b196d6
iDEFENSE Security Advisory 2005-03-02.6
Posted Mar 3, 2005
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 03.02.05 - Remote exploitation of a buffer overflow vulnerability in Computer Associates License Server and License Client can allow attackers to execute arbitrary code. The vulnerability specifically exists due to insufficient bounds checking on user-supplied values in GCR requests. Exploitation allows remote attackers to execute arbitrary code under the privileges of Local System.

tags | advisory, remote, overflow, arbitrary, local
advisories | CVE-2005-0581
SHA-256 | 3ed8db083fbddded4122d2db0cd334c7599112b3c46d0ccaef1dc9ab0e5deb0e
iDEFENSE Security Advisory 2005-03-02.5
Posted Mar 3, 2005
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 03.02.05 - Remote exploitation of a buffer overflow vulnerability in Computer Associates License Server and License Client can allow attackers to execute arbitrary code. The vulnerability specifically exists due to insufficient bounds checking on user-supplied values in GCR requests.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2005-0581
SHA-256 | 571fd92ea5c1f9ef9b16940e571fdaee9943fa6dd6db5d5d980657782898d14e
iDEFENSE Security Advisory 2005-03-02.4
Posted Mar 3, 2005
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 03.02.05 - Remote exploitation of a buffer overflow vulnerability in Computer Associates License Server and License Client can allow attackers to execute arbitrary code. The vulnerability specifically exists due to insufficient bounds checking on user-supplied values in GETCONFIG requests.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2005-0581
SHA-256 | 9211269875c1cbd81361a79ae27cd7a41120c3167d87b09ffbbce8fcf8003b14
iDEFENSE Security Advisory 2005-03-02.1
Posted Mar 3, 2005
Authored by iDefense Labs, Greg MacManus | Site idefense.com

iDEFENSE Security Advisory 03.02.05 - Remote exploitation of a buffer overflow vulnerability in Computer Associates International Inc. License Server and License Client can allow attackers to execute arbitrary code. iDEFENSE has confirmed that CA License Server 0.1.0.15 and CA License Client 0.1.0.15 are vulnerable. It is suspected that most CA products are running vulnerable versions of the client and/or server.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2005-0581
SHA-256 | e0658a00eaab03b8c22bd160e7374593472c52c0576efd78f3408ab8e94cba54
Page 1 of 1
Back1Next

File Archive:

June 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    19 Files
  • 2
    Jun 2nd
    16 Files
  • 3
    Jun 3rd
    28 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    19 Files
  • 7
    Jun 7th
    23 Files
  • 8
    Jun 8th
    11 Files
  • 9
    Jun 9th
    10 Files
  • 10
    Jun 10th
    4 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    27 Files
  • 20
    Jun 20th
    65 Files
  • 21
    Jun 21st
    10 Files
  • 22
    Jun 22nd
    8 Files
  • 23
    Jun 23rd
    6 Files
  • 24
    Jun 24th
    6 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    15 Files
  • 28
    Jun 28th
    14 Files
  • 29
    Jun 29th
    11 Files
  • 30
    Jun 30th
    7 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close