Vulnerability Details : CVE-2005-3190
Public exploit exists!
Buffer overflow in Computer Associates (CA) iGateway 3.0 and 4.0 before 4.0.050623, when running in debug mode, allows remote attackers to execute arbitrary code via HTTP GET requests.
Vulnerability category: OverflowExecute code
Products affected by CVE-2005-3190
- cpe:2.3:a:broadcom:igateway:3.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:igateway:4.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2005-3190
61.45%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 98 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2005-3190
-
CA iTechnology iGateway Debug Mode Buffer Overflow
Disclosure Date: 2005-10-06First seen: 2020-04-26exploit/windows/http/ca_igateway_debugThis module exploits a vulnerability in the Computer Associates iTechnology iGateway component. When <Debug>True</Debug> is enabled in igateway.conf (non-default), it is possible to overwrite the stack and execute code remotely. This module works best with Ordinal
CVSS scores for CVE-2005-3190
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2005-3190
-
http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0349.html
-
http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0418.html
-
http://www.securityfocus.com/bid/15025
Computer Associates Multiple Product HTTP Request Remote Buffer Overflow Vulnerability
-
http://securitytracker.com/id?1015045
-
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33485
Vendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/22560
-
http://securityreason.com/securityalert/86
Jump to