APP: Computer Associates log_security Overflow
This signature detects attempts to exploit a known vulnerability against the Computer Associates Log Security service. A successful attack can lead to arbitrary remote code execution. An exploit is currently available.
Extended Description
Computer Associates Message Queuing (CAM) is prone to a buffer-overflow vulnerability because the application fails to perform proper bounds checking on user-supplied data. A successful attack can cause the process's execution stack to overflow and may ultimately allow arbitrary code to run in the context of the affected application. This may allow an attacker to escalate their privileges to SYSTEM level.
Affected Products
Computer_associates etrust_admin
References
BugTraq: 14622
CVE: CVE-2005-2668
URL: http://www.kb.cert.org/vuls/id/619988 http://supportconnectw.ca.com/public/ca_common_docs/camsecurity_notice.asp
Short Name
APP:CA:LOG-SEC-BOF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
Associates CVE-2005-2668 Computer Overflow bid:14622 log_security
Release Date
12/20/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3727
Port
TCP/4105
False Positive
Unknown
Vendors
Computer_associates
CVSS Score
10.0