Vulnerability Details : CVE-2005-0581
Public exploit exists!
Multiple buffer overflows in Computer Associates (CA) License Client and Server 0.1.0.15 allow remote attackers to execute arbitrary code via (1) certain long fields in the Checksum item in a GCR request, (2) a long IP address, hostname, or netmask values in a GCR request, (3) a long last parameter in a GETCONFIG packet, or (4) long values in a request with an invalid format.
Vulnerability category: Execute code
Exploit prediction scoring system (EPSS) score for CVE-2005-0581
Probability of exploitation activity in the next 30 days: 84.11%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 98 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2005-0581
-
CA BrightStor ARCserve License Service GCR NETWORK Buffer Overflow
Disclosure Date: 2005-03-02First seen: 2020-04-26exploit/windows/brightstor/license_gcrThis module exploits a stack buffer overflow in Computer Associates BrightStor ARCserve Backup 11.0. By sending a specially crafted request to the lic98rmtd.exe service, an attacker could overflow the buffer and execute arbitrary code. Authors: - MC <mc@metasploit -
Computer Associates License Client GETCONFIG Overflow
Disclosure Date: 2005-03-02First seen: 2020-04-26exploit/windows/license/calicclnt_getconfigThis module exploits a vulnerability in the CA License Client service. This exploit will only work if your IP address can be resolved from the target system point of view. This can be accomplished on a local network by running the 'nmbd' service that comes -
Computer Associates License Server GETCONFIG Overflow
Disclosure Date: 2005-03-02First seen: 2020-04-26exploit/windows/license/calicserv_getconfigThis module exploits an vulnerability in the CA License Server network service. By sending an excessively long GETCONFIG packet the stack may be overwritten. Authors: - hdm <x@hdm.io> - aushack <patrick@osisecurity.com.au>
CVSS scores for CVE-2005-0581
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.6
|
MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P |
3.9
|
6.4
|
NIST |
References for CVE-2005-0581
-
http://www.idefense.com/application/poi/display?id=210&type=vulnerabilities
Patch;Vendor Advisory
-
http://www.idefense.com/application/poi/display?id=213&type=vulnerabilities
Patch;Vendor Advisory
-
http://www.idefense.com/application/poi/display?id=215&type=vulnerabilities
Patch;Vendor Advisory
-
http://www.idefense.com/application/poi/display?id=214&type=vulnerabilities
Patch;Vendor Advisory
-
http://supportconnectw.ca.com/public/ca_common_docs/security_notice.asp
Patch;Vendor Advisory
- http://marc.info/?l=bugtraq&m=110979326828704&w=2
Products affected by CVE-2005-0581
- cpe:2.3:a:broadcom:license_software:0.1.0.15:*:*:*:*:*:*:*