Vulnerabilities > CVE-2005-2668
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Multiple buffer overflows in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allow remote attackers to execute arbitrary code via unknown vectors.
Vulnerable Configurations
Exploit-Db
| description | CA CAM log_security() Stack Buffer Overflow (Win32). CVE-2005-2668. Remote exploit for windows platform |
| id | EDB-ID:16825 |
| last seen | 2016-02-02 |
| modified | 2010-09-20 |
| published | 2010-09-20 |
| reporter | metasploit |
| source | https://www.exploit-db.com/download/16825/ |
| title | CA CAM log_security Stack Buffer Overflow Win32 |
Metasploit
| description | This module exploits a vulnerability in the CA CAM service by passing a long parameter to the log_security() function. The CAM service is part of TNG Unicenter. This module has been tested on Unicenter v3.1. |
| id | MSF:EXPLOIT/WINDOWS/UNICENTER/CAM_LOG_SECURITY |
| last seen | 2020-03-11 |
| modified | 2017-07-24 |
| published | 2005-11-27 |
| references | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2668 |
| reporter | Rapid7 |
| source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/unicenter/cam_log_security.rb |
| title | CA CAM log_security() Stack Buffer Overflow (Win32) |
Nessus
| NASL family | Gain a shell remotely |
| NASL id | CACAM_OVERFLOW.NASL |
| description | The remote version of CA Message Queuing Service contains a stack overflow in the |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 20173 |
| published | 2005-11-08 |
| reporter | This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/20173 |
| title | CA Multiple Products Message Queuing Multiple Remote Vulnerabilities |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/83148/cam_log_security.rb.txt |
| id | PACKETSTORM:83148 |
| last seen | 2016-12-05 |
| published | 2009-11-26 |
| reporter | H D Moore |
| source | https://packetstormsecurity.com/files/83148/CA-CAM-log_security-Stack-Overflow-Win32.html |
| title | CA CAM log_security() Stack Overflow (Win32) |
Saint
| bid | 14622 |
| description | Computer Associates Message Queuing |
| id | misc_cam |
| osvdb | 18916 |
| title | ca_message_queue |
| type | remote |
References
- http://secunia.com/advisories/16513
- http://supportconnectw.ca.com/public/ca_common_docs/camsecurity_notice.asp
- http://www.kb.cert.org/vuls/id/619988
- http://www.osvdb.org/18916
- http://www.securityfocus.com/bid/14622
- http://www.vupen.com/english/advisories/2005/1482
- http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=32919