Multiple buffer overflows in Computer Associates (CA) License Client and Server 0.1.0.15 allow remote attackers to execute arbitrary code via (1) certain long fields in the Checksum item in a GCR request, (2) a long IP address, hostname, or netmask values in a GCR request, (3) a long last parameter in a GETCONFIG packet, or (4) long values in a request with an invalid format.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| License_software | Broadcom | 0.1.0.15 (including) | 0.1.0.15 (including) |
References
- http://marc.info/?l=bugtraq\u0026m=110979326828704\u0026w=2
- http://supportconnectw.ca.com/public/ca_common_docs/security_notice.asp
- http://www.idefense.com/application/poi/display?id=210\u0026type=vulnerabilities
- http://www.idefense.com/application/poi/display?id=213\u0026type=vulnerabilities
- http://www.idefense.com/application/poi/display?id=214\u0026type=vulnerabilities
- http://www.idefense.com/application/poi/display?id=215\u0026type=vulnerabilities
- http://marc.info/?l=bugtraq\u0026m=110979326828704\u0026w=2
- http://supportconnectw.ca.com/public/ca_common_docs/security_notice.asp
- http://www.idefense.com/application/poi/display?id=210\u0026type=vulnerabilities
- http://www.idefense.com/application/poi/display?id=213\u0026type=vulnerabilities
- http://www.idefense.com/application/poi/display?id=214\u0026type=vulnerabilities
- http://www.idefense.com/application/poi/display?id=215\u0026type=vulnerabilities