Vulnerabilities > CVE-2005-3190 - Unspecified vulnerability in Broadcom Igateway 3.0/4.0

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
broadcom
exploit available
metasploit

Summary

Buffer overflow in Computer Associates (CA) iGateway 3.0 and 4.0 before 4.0.050623, when running in debug mode, allows remote attackers to execute arbitrary code via HTTP GET requests.

Vulnerable Configurations

Part Description Count
Application
Broadcom
2

Exploit-Db

  • descriptionCA iTechnology iGateway Debug Mode Buffer Overflow. CVE-2005-3190. Remote exploit for windows platform
    idEDB-ID:16801
    last seen2016-02-02
    modified2010-04-30
    published2010-04-30
    reportermetasploit
    sourcehttps://www.exploit-db.com/download/16801/
    titleCA iTechnology iGateway Debug Mode Buffer Overflow
  • descriptionCA iGateway (debug mode) Remote Buffer Overflow Exploit. CVE-2005-3190. Remote exploit for windows platform
    idEDB-ID:1243
    last seen2016-01-31
    modified2005-10-10
    published2005-10-10
    reporteregm
    sourcehttps://www.exploit-db.com/download/1243/
    titleCA iGateway debug mode Remote Buffer Overflow Exploit

Metasploit

descriptionThis module exploits a vulnerability in the Computer Associates iTechnology iGateway component. When True is enabled in igateway.conf (non-default), it is possible to overwrite the stack and execute code remotely. This module works best with Ordinal payloads.
idMSF:EXPLOIT/WINDOWS/HTTP/CA_IGATEWAY_DEBUG
last seen2020-02-29
modified2017-11-08
published2008-04-14
references
reporterRapid7
sourcehttps://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/http/ca_igateway_debug.rb
titleCA iTechnology iGateway Debug Mode Buffer Overflow