Intrusion Prevention

CA.License.GCR.String.Buffer.Overflow

Description

Computer Associates? License Server and License Server and Client has a stack-base buffer overflow. A attacker can execute arbitrary code on the system with the LocalSystem or root privileges via a GCR (GETCONFIG) request with too long IP address, hostname, or netmask string in the NETWORK parameter.

Affected Products

Computer Associates License ServerClient 1.53 to 1.61.8

Impact

Gain Access

Recommended Actions

Apply the appropriate patch for your system.
http://supportconnectw.ca.com/public/reglic/downloads/licensepatch.asp#alp

CVE References

CVE-2005-0581