APP: Computer Associates License Software PUTOLF Buffer Overflow
This signature detects attempts to exploit a known vulnerability against Computer Associates License software; a license management tool used to register and manage product licenses on a computer network. Attackers can send a maliciously crafted message to overflow the buffer and execute code on a target system with system or root level privileges.
Extended Description
Computer Associates License client and server applications are reported prone to multiple vulnerabilities. These issues include various buffer overflow vulnerabilities in the client and server and a directory traversal vulnerability in the client. A remote attacker may execute arbitrary code and place files in arbitrary locations on a vulnerable computer. It should be noted that the affected application runs with SYSTEM privileges on Microsoft Windows Platforms and superuser privileges on UNIX platforms; this will allow for a complete compromise of the affected computer. **Update: Additional vulnerabilities are reported to affect the 'LIC98RMT.EXE' component of the Computer Associates License application. Computer Associates License application versions 1.53 to 1.61.8 on all supported platforms are affected by these vulnerabilities.
Affected Products
Computer_associates license
Short Name
APP:CA:LIC-PUTOLF-OF
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
Associates Buffer CVE-2005-0582 Computer License Overflow PUTOLF Software bid:12705
Release Date
06/02/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3726
Port
TCP/10202-10204
False Positive
Unknown
Vendors
Computer_associates
CVSS Score
10.0