Multiple buffer overflows in Computer Associates (CA) License Client and Server 0.1.0.15 allow remote attackers to execute arbitrary code via (1) certain long fields in the Checksum item in a GCR request, (2) a long IP address, hostname, or netmask values in a GCR request, (3) a long last parameter in a GETCONFIG packet, or (4) long values in a request with an invalid format.
Published 2005-05-02 04:00:00
Updated 2021-04-09 17:46:30
Source MITRE
View at NVD,   CVE.org
Vulnerability category: Execute code

Exploit prediction scoring system (EPSS) score for CVE-2005-0581

84.11%
Probability of exploitation activity in the next 30 days EPSS Score History
~ 98 %
Percentile, the proportion of vulnerabilities that are scored at or less

Metasploit modules for CVE-2005-0581

  • CA BrightStor ARCserve License Service GCR NETWORK Buffer Overflow
    Disclosure Date: 2005-03-02
    First seen: 2020-04-26
    exploit/windows/brightstor/license_gcr
    This module exploits a stack buffer overflow in Computer Associates BrightStor ARCserve Backup 11.0. By sending a specially crafted request to the lic98rmtd.exe service, an attacker could overflow the buffer and execute arbitrary code. Authors: - MC <mc@metasploit
  • Computer Associates License Client GETCONFIG Overflow
    Disclosure Date: 2005-03-02
    First seen: 2020-04-26
    exploit/windows/license/calicclnt_getconfig
    This module exploits a vulnerability in the CA License Client service. This exploit will only work if your IP address can be resolved from the target system point of view. This can be accomplished on a local network by running the 'nmbd' service that comes
  • Computer Associates License Server GETCONFIG Overflow
    Disclosure Date: 2005-03-02
    First seen: 2020-04-26
    exploit/windows/license/calicserv_getconfig
    This module exploits an vulnerability in the CA License Server network service. By sending an excessively long GETCONFIG packet the stack may be overwritten. Authors: - hdm <x@hdm.io> - aushack <patrick@osisecurity.com.au>

CVSS scores for CVE-2005-0581

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Score Source First Seen
4.6
MEDIUM AV:L/AC:L/Au:N/C:P/I:P/A:P
3.9
6.4
NIST

Products affected by CVE-2005-0581

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!