Vulnerability Name:

CVE-2005-3653 (CCN-24269)

Assigned:2005-12-31
Published:2005-12-31
Updated:2021-04-14
Summary:Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field.
CVSS v3 Severity:10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
7.4 High (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-119
Vulnerability Consequences:Gain Access
References:Source: CCN
Type: Full-Disclosure Mailing List, Mon Jan 23 2006 - 10:23:59 CST
CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability

Source: MITRE
Type: CNA
CVE-2005-3653

Source: FULLDISC
Type: UNKNOWN
20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability

Source: CCN
Type: SA18591
CA Products iGateway Service Content-Length Buffer Overflow

Source: SECUNIA
Type: Patch, Vendor Advisory
18591

Source: SREASON
Type: UNKNOWN
380

Source: CCN
Type: SECTRACK ID: 1015526
Computer Associates Content-Length Buffer Overflow in iGateway Lets Remote Users Execute Arbitrary Code

Source: SECTRACK
Type: Patch
1015526

Source: CCN
Type: CA SupportConnect Web site
SupportConnect

Source: CONFIRM
Type: Patch, Vendor Advisory
http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp

Source: IDEFENSE
Type: Patch, Vendor Advisory
20060123 Computer Associates iTechnology iGateway Service Content-Length Buffer Overflow

Source: OSVDB
Type: Patch
22688

Source: CCN
Type: OSVDB ID: 22688
CA iGateway Service Content-Length Overflow

Source: BUGTRAQ
Type: UNKNOWN
20060127 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability [v1.1]

Source: BUGTRAQ
Type: UNKNOWN
20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability

Source: BID
Type: Patch
16354

Source: CCN
Type: BID-16354
Computer Associates iTechnology iGateway Service Content-Length Heap Overflow Vulnerability

Source: VUPEN
Type: Vendor Advisory
ADV-2006-0311

Source: CONFIRM
Type: UNKNOWN
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778

Source: XF
Type: UNKNOWN
ca-igateway-contentlength-bo(24269)

Source: XF
Type: UNKNOWN
ca-igateway-contentlength-bo(24269)

Source: CCN
Type: iDEFENSE Security Advisory 01.23.06
Computer Associates iTechnology iGateway Service Content-Length Buffer Overflow

Vulnerable Configuration:Configuration 1:
  • cpe:/a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:brightstor_portal:11.1:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:brightstor_process_automation_manager:11.1:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:brightstor_san_manager:11.1:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:brightstor_san_manager:11.5:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:brightstor_storage_resource_manager:6.3:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:brightstor_storage_resource_manager:6.4:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:brightstor_storage_resource_manager:11.1:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:brightstor_storage_resource_manager:11.5:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:etrust_admin:8.1:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:etrust_audit_aries:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:etrust_audit_irecorder:1.5:sp2:*:*:*:*:*:*
  • OR cpe:/a:broadcom:etrust_audit_irecorder:1.5:sp3:*:*:*:*:*:*
  • OR cpe:/a:broadcom:etrust_audit_irecorder:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:etrust_identity_minder:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:etrust_integrated_threat_management:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:itechnology_igateway:*:*:*:*:*:*:*:* (Version <= 4.0.050615)
  • OR cpe:/a:broadcom:unicenter_asset_portfolio_management:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:unicenter_autosys_jm:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:unicenter_service_delivery:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:unicenter_service_desk:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:unicenter_service_desk_knowledge_tools:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:unicenter_service_fulfillment:2.2:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:unicenter_service_metric_analysis:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:*
  • OR cpe:/a:ca:brightstor_enterprise_backup:10.0:*:solaris:*:*:*:*:*
  • OR cpe:/a:ca:brightstor_enterprise_backup:10.5:*:solaris:*:*:*:*:*
  • OR cpe:/a:ca:brightstor_enterprise_backup:10.5:*:tru64:*:*:*:*:*
  • OR cpe:/a:ca:brightstor_enterprise_backup:10.5:*:windows_64-bit:*:*:*:*:*
  • OR cpe:/a:ca:etrust_audit_aries:1.5:sp2:*:*:*:*:*:*
  • OR cpe:/a:ca:etrust_audit_aries:1.5:sp3:*:*:*:*:*:*
  • OR cpe:/a:ca:etrust_directory:8.1_web_components:*:*:*:*:*:*:*
  • OR cpe:/a:ca:etrust_secure_content_manager:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:ca:unicenter_application_performance_monitor:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:ca:unicenter_application_server_managment:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:ca:unicenter_ca_web_services_distributed_management:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:ca:unicenter_exchange_management_console:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:ca:unicenter_management:3.5:*:websphere_mq:*:*:*:*:*
  • OR cpe:/a:ca:unicenter_management:11.0:*:weblogic:*:*:*:*:*
  • OR cpe:/a:ca:unicenter_management:11.0:*:websphere:*:*:*:*:*
  • OR cpe:/a:ca:unicenter_service_catalog_fulfillment_accounting:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:ca:unicenter_service_fulfillment:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:ca:unicenter_service_level_management:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:ca:unicenter_web_server_management:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:ca:unicenter_web_services_distributed_management:11.0:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:broadcom:itechnology_igateway:4.0.041221:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:itechnology_igateway:4.0.050126:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:itechnology_igateway:4.0.050224:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:itechnology_igateway:4.0.050306:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:itechnology_igateway:4.0.050321:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:itechnology_igateway:4.0.050322:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:itechnology_igateway:4.0.050325:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:itechnology_igateway:4.0.050401:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:itechnology_igateway:4.0.050413:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:itechnology_igateway:4.0.050414:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:itechnology_igateway:4.0.050518:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:itechnology_igateway:4.0.050526:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:itechnology_igateway:4.0.050601:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:itechnology_igateway:4.0.050613:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:itechnology_igateway:4.0.050615:*:*:*:*:*:*:*
  • AND
  • cpe:/a:ca:brightstor_arcserve_backup:11.0:*:windows:*:*:*:*:*
  • OR cpe:/a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:brightstor_san_manager:11.1:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:brightstor_portal:11.1:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:etrust_admin:8.1:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:brightstor_process_automation_manager:11.1:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:brightstor_san_manager:11.5:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:brightstor_storage_resource_manager:11.5:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:brightstor_storage_resource_manager:11.1:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:brightstor_storage_resource_manager:6.4:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:brightstor_storage_resource_manager:6.3:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:etrust_audit_client:1.5:sp2:*:*:*:*:*:*
  • OR cpe:/a:broadcom:etrust_audit_client:1.5:sp3:*:*:*:*:*:*
  • OR cpe:/a:broadcom:etrust_audit_client:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:etrust_identity_minder:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:ca:unicenter_web_services_distributed_management:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:unicenter_autosys_jm:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:unicenter_service_delivery:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:ca:unicenter_service_level_management:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:unicenter_service_desk:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:unicenter_service_fulfillment:2.2:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:unicenter_asset_portfolio_management:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:ca:unicenter_service_catalog_fulfillment_accounting:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:ca:unicenter_web_server_management:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:ca:unicenter_exchange_management_console:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:etrust_integrated_threat_management:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:ca:etrust_secure_content_manager:8.0:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:unicenter_service_desk_knowledge_tools:11.0:*:*:*:*:*:*:*
  • OR cpe:/a:broadcom:unicenter_service_metric_analysis:11.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    broadcom brightstor arcserve backup 9.01
    broadcom brightstor arcserve backup 11.1
    broadcom brightstor arcserve backup 11.5
    broadcom brightstor arcserve backup laptops desktops 11.0
    broadcom brightstor arcserve backup laptops desktops 11.1
    broadcom brightstor portal 11.1
    broadcom brightstor process automation manager 11.1
    broadcom brightstor san manager 11.1
    broadcom brightstor san manager 11.5
    broadcom brightstor storage resource manager 6.3
    broadcom brightstor storage resource manager 6.4
    broadcom brightstor storage resource manager 11.1
    broadcom brightstor storage resource manager 11.5
    broadcom etrust admin 8.1
    broadcom etrust audit aries 8.0
    broadcom etrust audit irecorder 1.5 sp2
    broadcom etrust audit irecorder 1.5 sp3
    broadcom etrust audit irecorder 8.0
    broadcom etrust identity minder 8.0
    broadcom etrust integrated threat management 8.0
    broadcom itechnology igateway *
    broadcom unicenter asset portfolio management 11.0
    broadcom unicenter autosys jm 11.0
    broadcom unicenter service delivery 11.0
    broadcom unicenter service desk 11.0
    broadcom unicenter service desk knowledge tools 11.0
    broadcom unicenter service fulfillment 2.2
    broadcom unicenter service metric analysis 11.0
    ca brightstor arcserve backup 11
    ca brightstor enterprise backup 10.0
    ca brightstor enterprise backup 10.5
    ca brightstor enterprise backup 10.5
    ca brightstor enterprise backup 10.5
    ca etrust audit aries 1.5 sp2
    ca etrust audit aries 1.5 sp3
    ca etrust directory 8.1_web_components
    ca etrust secure content manager 8.0
    ca unicenter application performance monitor 11.0
    ca unicenter application server managment 11.0
    ca unicenter ca web services distributed management 11.0
    ca unicenter exchange management console 11.0
    ca unicenter management 3.5
    ca unicenter management 11.0
    ca unicenter management 11.0
    ca unicenter service catalog fulfillment accounting 11.0
    ca unicenter service fulfillment 11.0
    ca unicenter service level management 11.0
    ca unicenter web server management 11.0
    ca unicenter web services distributed management 11.0
    ca itechnology igateway 4.0.041221
    ca itechnology igateway 4.0.050126
    ca itechnology igateway 4.0.050224
    ca itechnology igateway 4.0.050306
    ca itechnology igateway 4.0.050321
    ca itechnology igateway 4.0.050322
    ca itechnology igateway 4.0.050325
    ca itechnology igateway 4.0.050401
    ca itechnology igateway 4.0.050413
    ca itechnology igateway 4.0.050414
    ca itechnology igateway 4.0.050518
    ca itechnology igateway 4.0.050526
    ca itechnology igateway 4.0.050601
    ca itechnology igateway 4.0.050613
    ca itechnology igateway 4.0.050615
    ca brightstor arcserve backup 11.0
    ca brightstor enterprise backup 10.5
    ca brightstor san manager 11.1
    ca brightstor portal 11.1
    ca etrust admin 8.1
    ca brightstor arcserve backup 11.1
    ca brightstor arcserve backup 11.5
    ca brightstor arcserve backup 9.01
    ca brightstor arcserve backup laptops desktops 11.1
    ca brightstor arcserve backup laptops desktops 11.0
    ca brightstor process automation manager 11.1
    ca brightstor san manager 11.5
    ca brightstor storage resource manager 11.5
    ca brightstor storage resource manager 11.1
    ca brightstor storage resource manager 6.4
    ca brightstor storage resource manager 6.3
    ca etrust audit client 1.5 sp2
    ca etrust audit client 1.5 sp3
    ca etrust audit client 8.0
    ca etrust identity minder 8.0
    ca unicenter web services distributed management 11.0
    ca unicenter autosys jm 11.0
    ca unicenter service delivery 11.0
    ca unicenter service level management 11.0
    ca unicenter service desk 11.0
    ca unicenter service fulfillment 2.2
    ca unicenter asset portfolio management 11.0
    ca unicenter service catalog fulfillment accounting 11.0
    ca unicenter web server management 11.0
    ca unicenter exchange management console 11.0
    ca etrust integrated threat management 8.0
    ca etrust secure content manager 8.0
    ca unicenter service desk knowledge tools 11.0
    ca unicenter service metric analysis 11.0