APP: Computer Associates Products Discovery Service Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the Computer Associates Products Discovery Service. An unauthenticated remote attacker can use this vulnerability to remotely inject and execute code on the system with System level privileges.
Extended Description
Multiple Computer Associates products are prone to a remote stack-based buffer-overflow vulnerability. This issue arises because these applications fail to perform boundary checks before copying user-supplied data into insufficiently sized buffers. A successful attack may result in arbitrary code execution with the privileges of the affected application. This issue affects client and server versions of the affected products.
Affected Products
Computer_associates brightstor_enterprise_backup
Short Name
APP:CA:PRODUCT-DISC-BOF
Severity
Major
Recommended
False
Recommended Action
None
Category
APP
Keywords
Associates Buffer CVE-2006-5143 CVE-2006-6379 Computer Discovery Overflow Products Service bid:20364
Release Date
11/01/2006
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3728
Port
TCP/41523
False Positive
Unknown
Vendors
Computer_associates
CVSS Score
7.5