10 - CVE-2005-2668

Executive Summary

Informations
Name	CVE-2005-2668	First vendor Publication	2005-08-23
Vendor	Cve	Last vendor Modification	2024-11-21

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score	10	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Multiple buffer overflows in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allow remote attackers to execute arbitrary code via unknown vectors.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2668

CPE : Common Platform Enumeration

Type	Description	Count
Application	Broadcom Advantage Data Transport cpe:2.3:a:broadcom:advantage_data_transport:3.0:::::::*	1
Application	Broadcom Adviseit cpe:2.3:a:broadcom:adviseit:2.4:::::::*	1
Application	Broadcom Brightstor Portal cpe:2.3:a:broadcom:brightstor_portal:11.1:::::::*	1
Application	Broadcom Brightstor San Manager cpe:2.3:a:broadcom:brightstor_san_manager:11.1:::::::* cpe:2.3:a:broadcom:brightstor_san_manager:1.1:sp1:::::: cpe:2.3:a:broadcom:brightstor_san_manager:1.1:::::::* cpe:2.3:a:broadcom:brightstor_san_manager:1.1:sp2::::::	4
Application	Broadcom Cleverpath Aion cpe:2.3:a:broadcom:cleverpath_aion:10.0:::::::*	1
Application	Broadcom Cleverpath Ecm cpe:2.3:a:broadcom:cleverpath_ecm:3.5:::::::*	1
Application	Broadcom Cleverpath Olap cpe:2.3:a:broadcom:cleverpath_olap:5.1:::::::*	1
Application	Broadcom Cleverpath Predictive Analysis Server cpe:2.3:a:broadcom:cleverpath_predictive_analysis_server:3.0:::::::* cpe:2.3:a:broadcom:cleverpath_predictive_analysis_server:2.0:::::::*	2
Application	Broadcom Etrust Admin cpe:2.3:a:broadcom:etrust_admin:8.1:::::::* cpe:2.3:a:broadcom:etrust_admin:8.0:::::::*	2
Application	Broadcom Messaging cpe:2.3:a:broadcom:messaging:1.7:::::::* cpe:2.3:a:broadcom:messaging:1.5:::::::* cpe:2.3:a:broadcom:messaging:1.11:::::::*	3
Application	Broadcom Unicenter Application Performance Monitor cpe:2.3:a:broadcom:unicenter_application_performance_monitor:3.5:::::::* cpe:2.3:a:broadcom:unicenter_application_performance_monitor:3.0:::::::*	2
Application	Broadcom Unicenter Asset Management cpe:2.3:a:broadcom:unicenter_asset_management:4.0:::::::* cpe:2.3:a:broadcom:unicenter_asset_management:3.2:sp2:::::: cpe:2.3:a:broadcom:unicenter_asset_management:3.2:sp1:::::: cpe:2.3:a:broadcom:unicenter_asset_management:3.2:::::::* cpe:2.3:a:broadcom:unicenter_asset_management:3.1:::::::*	5
Application	Broadcom Unicenter Data Transport Option cpe:2.3:a:broadcom:unicenter_data_transport_option:2.0:::::::*	1
Application	Broadcom Unicenter Jasmine cpe:2.3:a:broadcom:unicenter_jasmine:3.0:::::::*	1
Application	Broadcom Unicenter Management Portal cpe:2.3:a:broadcom:unicenter_management_portal:3.1:::::::* cpe:2.3:a:broadcom:unicenter_management_portal:2.0:::::::*	2
Application	Broadcom Unicenter Network And Systems Management cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.1:::::::* cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.0:::::::*	2
Application	Broadcom Unicenter Nsm Wireless Network Management Option cpe:2.3:a:broadcom:unicenter_nsm_wireless_network_management_option:3.0:::::::*	1
Application	Broadcom Unicenter Performance Management cpe:2.3:a:broadcom:unicenter_performance_management:2.4:sp3:openvms:::::*	1
Application	Broadcom Unicenter Remote Control cpe:2.3:a:broadcom:unicenter_remote_control:6.0:::::::* cpe:2.3:a:broadcom:unicenter_remote_control:6.0:sp1::::::	2
Application	Broadcom Unicenter Service Level Management cpe:2.3:a:broadcom:unicenter_service_level_management:3.5:::::::* cpe:2.3:a:broadcom:unicenter_service_level_management:3.0.2:::::::* cpe:2.3:a:broadcom:unicenter_service_level_management:3.0.1:::::::* cpe:2.3:a:broadcom:unicenter_service_level_management:3.0:::::::*	4
Application	Broadcom Unicenter Software Delivery cpe:2.3:a:broadcom:unicenter_software_delivery:4.0:::::::* cpe:2.3:a:broadcom:unicenter_software_delivery:3.1:sp1:::::: cpe:2.3:a:broadcom:unicenter_software_delivery:3.1:sp2:::::: cpe:2.3:a:broadcom:unicenter_software_delivery:3.1:::::::* cpe:2.3:a:broadcom:unicenter_software_delivery:3.0:::::::*	5
Application	Broadcom Unicenter Tng cpe:2.3:a:broadcom:unicenter_tng:2.4.2:::::::* cpe:2.3:a:broadcom:unicenter_tng:2.4:::::::* cpe:2.3:a:broadcom:unicenter_tng:2.2:::::::* cpe:2.3:a:broadcom:unicenter_tng:2.1:::::::*	4
Application	Ca Etrust Admin cpe:2.3:a:ca:etrust_admin:2.9:::::::* cpe:2.3:a:ca:etrust_admin:2.7:::::::* cpe:2.3:a:ca:etrust_admin:2.4:::::::* cpe:2.3:a:ca:etrust_admin:2.1:::::::*	4
Application	Ca Unicenter Asset Management cpe:2.3:a:ca:unicenter_asset_management:4.0:sp1::::::	1
Application	Ca Unicenter Enterprise Job Manager cpe:2.3:a:ca:unicenter_enterprise_job_manager:1.0:sp2:::::: cpe:2.3:a:ca:unicenter_enterprise_job_manager:1.0:sp1::::::	2
Application	Ca Unicenter Management cpe:2.3:a:ca:unicenter_management:5.0.1::web_servers::::: cpe:2.3:a:ca:unicenter_management:5.0::web_servers::::: cpe:2.3:a:ca:unicenter_management:4.1::microsoft_exchange::::: cpe:2.3:a:ca:unicenter_management:4.0::microsoft_exchange::::: cpe:2.3:a:ca:unicenter_management:4.0::lotus_notes_domino::::: cpe:2.3:a:ca:unicenter_management:3.5::websphere_mq:::::	6
Application	Ca Unicenter Software Delivery cpe:2.3:a:ca:unicenter_software_delivery:4.0:sp1::::::	1
Application	Ca Unicenter Tng cpe:2.3:a:ca:unicenter_tng:2.2:::ja::::	1

SAINT Exploits

Description	Link
Computer Associates Message Queuing	More info here

Open Source Vulnerability Database (OSVDB)

Id	Description
18916	CA Multiple Products Message Queuing (CAM/CAFT) Multiple Remote Overflows Multiple buffer overflows exists in multiple CA products. The Message Queuing component fails to validate multiple unspecified paraments, as well as data passed to the log_security() function resulting in a buffer overflow. With a specially crafted request, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

Description

18916

CA Multiple Products Message Queuing (CAM/CAFT) Multiple Remote Overflows

Multiple buffer overflows exists in multiple CA products. The Message Queuing component fails to validate multiple unspecified paraments, as well as data passed to the log_security() function resulting in a buffer overflow. With a specially crafted request, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

Snort® IPS/IDS

Date	Description
2014-01-10	CA CAM log_security overflow attempt RuleID : 5316 - Revision : 9 - Type : SERVER-OTHER

Nessus® Vulnerability Scanner

Date	Description
2005-11-08	Name : Arbitrary code can be executed on the remote host due to a flaw in the CAM se... File : cacam_overflow.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

http://secunia.com/advisories/16513
http://supportconnectw.ca.com/public/ca_common_docs/camsecurity_notice.asp
http://www.kb.cert.org/vuls/id/619988
http://www.osvdb.org/18916
http://www.securityfocus.com/bid/14622
http://www.vupen.com/english/advisories/2005/1482
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=32919

Source	Url

Alert History

If you want to see full details history, please login or register.

Date	Informations
2024-11-28 23:21:57	Multiple Updates
2024-11-28 12:07:21	Multiple Updates
2021-05-04 12:03:08	Multiple Updates
2021-04-22 00:22:46	Multiple Updates
2021-04-14 21:23:10	Multiple Updates
2021-04-14 05:22:48	Multiple Updates
2021-04-12 21:23:08	Multiple Updates
2021-04-10 00:22:45	Multiple Updates
2021-04-09 17:23:14	Multiple Updates
2021-04-08 00:22:46	Multiple Updates
2021-04-07 21:23:10	Multiple Updates
2020-05-23 13:16:46	Multiple Updates
2020-05-23 00:16:46	Multiple Updates
2017-11-22 17:21:57	Multiple Updates
2016-06-28 15:21:09	Multiple Updates
2016-04-26 13:45:21	Multiple Updates
2014-02-17 10:32:33	Multiple Updates
2014-01-19 21:22:51	Multiple Updates
2013-05-11 11:30:37	Multiple Updates

Type	Count
CPE ID(s)	62
Sources(s)	7
Saint Exploit(s)	1
osvdb(s)	1
Snort® Rule(s)	1
Nessus® Exploit(s)	1

10 - CVE-2005-2668

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CPE : Common Platform Enumeration

SAINT Exploits

Open Source Vulnerability Database (OSVDB)

Snort® IPS/IDS

Nessus® Vulnerability Scanner

Sources (Detail)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU