exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

CVE-2005-0581

Status Candidate

Overview

Multiple buffer overflows in Computer Associates (CA) License Client and Server 0.1.0.15 allow remote attackers to execute arbitrary code via (1) certain long fields in the Checksum item in a GCR request, (2) a long IP address, hostname, or netmask values in a GCR request, (3) a long last parameter in a GETCONFIG packet, or (4) long values in a request with an invalid format.

Related Files

Computer Associates License Client GETCONFIG Overflow
Posted Feb 15, 2010
Authored by patrick, Thor Doomen | Site metasploit.com

This Metasploit module exploits an vulnerability in the CA License Client service. This exploit will only work if your IP address can be resolved from the target system point of view. This can be accomplished on a local network by running the 'nmbd' service that comes with Samba. If you are running this exploit from Windows and do not filter udp port 137, this should not be a problem (if the target is on the same network segment). Due to the bugginess of the software, you are only allowed one connection to the agent port before it starts ignoring you. If it wasn't for this issue, it would be possible to repeatedly exploit this bug.

tags | exploit, local, udp
systems | windows
advisories | CVE-2005-0581
SHA-256 | d3f07719ead763dc46245786376f69700d88d42ed26c7accf58521d0730e72de
Computer Associates License Server GETCONFIG Overflow
Posted Feb 15, 2010
Authored by patrick, Thor Doomen | Site metasploit.com

This Metasploit module exploits an vulnerability in the CA License Server network service. By sending an excessively long GETCONFIG packet the stack may be overwritten.

tags | exploit
advisories | CVE-2005-0581
SHA-256 | 7db5e725b318157687ab86443425c71c0753992cce2985a0cbb8dde1d0f979bc
CA BrightStor ARCserve License Service GCR NETWORK Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in Computer Associates BrightStor ARCserve Backup 11.0. By sending a specially crafted request to the lic98rmtd.exe service, an attacker could overflow the buffer and execute arbitrary code.

tags | exploit, overflow, arbitrary
advisories | CVE-2005-0581
SHA-256 | f898147c81fee57073362e43dcc4cf5fc962db6fc16bd1958616572dabebacf6
101_cali.c
Posted Mar 12, 2005
Authored by class101 | Site class101.org

This exploit takes advantage of a stack overflow vulnerability in the CA License Server network service. Versions 1.61 and below are susceptible.

tags | exploit, overflow
advisories | CVE-2005-0581
SHA-256 | 7d2cf16bb7713ea7d275c701f1c25126c9a157166b80c35eb4d2bbdd5353043e
calicserv_getconfig.pm
Posted Mar 5, 2005
Authored by Thor Doomen

This module exploits an vulnerability in the CA License Server network service. This is a simple stack overflow and just one of many serious problems with this software.

tags | exploit, overflow
advisories | CVE-2005-0581
SHA-256 | bf5126926d528fef10504d4baf7762d721fb352b140f76cf11829e96f5c69e14
calicclnt_getconfig.pm
Posted Mar 5, 2005
Authored by Thor Doomen

This module exploits a vulnerability in the CA License Client service. This exploit will only work if your IP address will resolve to the target system. This can be accomplished on a local network by running the nmbd service that comes with Samba. If you are running this exploit from Windows and do not filter udp port 137, this should not be a problem (if the target is on the same network segment). Due to the bugginess of the software, you are only allowed one connection to the agent port before it starts ignoring you. If it was not for this issue, it would be possible to repeatedly exploit this bug.

tags | exploit, local, udp
systems | windows
advisories | CVE-2005-0581
SHA-256 | 8f742b1d2f8f4be4c918b2a485a7be87c69a6f8c540baac8a0c7fa32f7b196d6
iDEFENSE Security Advisory 2005-03-02.6
Posted Mar 3, 2005
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 03.02.05 - Remote exploitation of a buffer overflow vulnerability in Computer Associates License Server and License Client can allow attackers to execute arbitrary code. The vulnerability specifically exists due to insufficient bounds checking on user-supplied values in GCR requests. Exploitation allows remote attackers to execute arbitrary code under the privileges of Local System.

tags | advisory, remote, overflow, arbitrary, local
advisories | CVE-2005-0581
SHA-256 | 3ed8db083fbddded4122d2db0cd334c7599112b3c46d0ccaef1dc9ab0e5deb0e
iDEFENSE Security Advisory 2005-03-02.5
Posted Mar 3, 2005
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 03.02.05 - Remote exploitation of a buffer overflow vulnerability in Computer Associates License Server and License Client can allow attackers to execute arbitrary code. The vulnerability specifically exists due to insufficient bounds checking on user-supplied values in GCR requests.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2005-0581
SHA-256 | 571fd92ea5c1f9ef9b16940e571fdaee9943fa6dd6db5d5d980657782898d14e
iDEFENSE Security Advisory 2005-03-02.4
Posted Mar 3, 2005
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 03.02.05 - Remote exploitation of a buffer overflow vulnerability in Computer Associates License Server and License Client can allow attackers to execute arbitrary code. The vulnerability specifically exists due to insufficient bounds checking on user-supplied values in GETCONFIG requests.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2005-0581
SHA-256 | 9211269875c1cbd81361a79ae27cd7a41120c3167d87b09ffbbce8fcf8003b14
iDEFENSE Security Advisory 2005-03-02.1
Posted Mar 3, 2005
Authored by iDefense Labs, Greg MacManus | Site idefense.com

iDEFENSE Security Advisory 03.02.05 - Remote exploitation of a buffer overflow vulnerability in Computer Associates International Inc. License Server and License Client can allow attackers to execute arbitrary code. iDEFENSE has confirmed that CA License Server 0.1.0.15 and CA License Client 0.1.0.15 are vulnerable. It is suspected that most CA products are running vulnerable versions of the client and/or server.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2005-0581
SHA-256 | e0658a00eaab03b8c22bd160e7374593472c52c0576efd78f3408ab8e94cba54
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close