APP: Computer Associates Content-Length Overflow

This signature detects attempts to exploit a known vulnerability in the Computer Associates iTechnology iGateway Service. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the system.

Extended Description

The iGateway component of various Computer Associates products contains a heap-overflow vulnerability that allows remote attackers to execute arbitrary code. The attacker can trigger the vulnerability by supplying a negative HTTP Content-Length value and a large URI to the service. A successful attack can corrupt process memory and execute arbitrary code with SYSTEM privileges on Windows platforms. The vendor has reported that this issue triggers only a denial-of-service condition on other platforms. Products containing iGateway 4.0.051230 are vulnerable to this issue.

Affected Products

Computer_associates brightstor_srm

Short Name
APP:CA:IGATEWAY-CNT-LEN-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
Associates CVE-2005-3653 Computer Content-Length Overflow bid:16354
Release Date
10/18/2006
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3728
Port
TCP/5250
False Positive
Unknown
Vendors

Computer_associates

CVSS Score

10.0
