{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-01-23T00:00:00", "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-19T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "1015526", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1015526"}, {"name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://marc.info/?l=full-disclosure&m=113803349715927&w=2"}, {"name": "22688", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/22688"}, {"name": "18591", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/18591"}, {"name": "16354", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/16354"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778"}, {"name": "380", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/380"}, {"name": "ca-igateway-contentlength-bo(24269)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24269"}, {"name": "ADV-2006-0311", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/0311"}, {"name": "20060127 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability [v1.1]", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/423288/100/0/threaded"}, {"name": "20060123 Computer Associates iTechnology iGateway Service Content-Length Buffer Overflow", "tags": ["third-party-advisory", "x_refsource_IDEFENSE"], "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376"}, {"name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/423403/100/0/threaded"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2005-3653", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1015526", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1015526"}, {"name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability", "refsource": "FULLDISC", "url": "http://marc.info/?l=full-disclosure&m=113803349715927&w=2"}, {"name": "22688", "refsource": "OSVDB", "url": "http://www.osvdb.org/22688"}, {"name": "18591", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/18591"}, {"name": "16354", "refsource": "BID", "url": "http://www.securityfocus.com/bid/16354"}, {"name": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778", "refsource": "CONFIRM", "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778"}, {"name": "380", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/380"}, {"name": "ca-igateway-contentlength-bo(24269)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24269"}, {"name": "ADV-2006-0311", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/0311"}, {"name": "20060127 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability [v1.1]", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/423288/100/0/threaded"}, {"name": "20060123 Computer Associates iTechnology iGateway Service Content-Length Buffer Overflow", "refsource": "IDEFENSE", "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376"}, {"name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/423403/100/0/threaded"}, {"name": "http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp", "refsource": "CONFIRM", "url": "http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T23:17:23.637Z"}, "title": "CVE Program Container", "references": [{"name": "1015526", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1015526"}, {"name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://marc.info/?l=full-disclosure&m=113803349715927&w=2"}, {"name": "22688", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/22688"}, {"name": "18591", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/18591"}, {"name": "16354", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/16354"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778"}, {"name": "380", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/380"}, {"name": "ca-igateway-contentlength-bo(24269)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24269"}, {"name": "ADV-2006-0311", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/0311"}, {"name": "20060127 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability [v1.1]", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/423288/100/0/threaded"}, {"name": "20060123 Computer Associates iTechnology iGateway Service Content-Length Buffer Overflow", "tags": ["third-party-advisory", "x_refsource_IDEFENSE", "x_transferred"], "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376"}, {"name": "20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/423403/100/0/threaded"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2005-3653", "datePublished": "2006-01-23T20:00:00", "dateReserved": "2005-11-18T00:00:00", "dateUpdated": "2024-08-07T23:17:23.637Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*", "matchCriteriaId": "F52790F8-0D23-47F4-B7F7-6CB0F7B6EA14", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*", "matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*", "matchCriteriaId": "477EE032-D183-478F-A2BF-6165277A7414", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "4FB993B2-9A44-40E2-AA05-0CAD04BDC26D", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:*:*:*:*:*:*:*", "matchCriteriaId": "C7461AE5-2067-4964-93B7-560CD02CEAC8", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:brightstor_portal:11.1:*:*:*:*:*:*:*", "matchCriteriaId": "7F206D15-FF0D-400E-9727-5DA6C07B57EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:brightstor_process_automation_manager:11.1:*:*:*:*:*:*:*", "matchCriteriaId": "BD04989D-D045-4693-87DA-16754D9BF644", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:brightstor_san_manager:11.1:*:*:*:*:*:*:*", "matchCriteriaId": "FA67A49C-688A-4B6E-8B90-BEC937FCEE20", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:brightstor_san_manager:11.5:*:*:*:*:*:*:*", "matchCriteriaId": "FFD847AD-8AD1-40C1-9582-CC234D900CEE", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:brightstor_storage_resource_manager:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "70D35A8A-BB31-4FC6-8031-D93FE7347A10", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:brightstor_storage_resource_manager:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "A7384B78-1F35-4DB4-A128-EBE33FD70C8A", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:brightstor_storage_resource_manager:11.1:*:*:*:*:*:*:*", "matchCriteriaId": "B3F5A1F3-EEE3-4187-9F44-545EB21EF121", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:brightstor_storage_resource_manager:11.5:*:*:*:*:*:*:*", "matchCriteriaId": "152FDE32-0525-4F1E-9BD5-A3EB47644B03", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:etrust_admin:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "08594EFB-E04B-42E8-BE00-C3ACDB62BA4C", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:etrust_audit_aries:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "CBBF77AF-542C-49E8-8F5A-1C0DB73F2DE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:etrust_audit_irecorder:1.5:sp2:*:*:*:*:*:*", "matchCriteriaId": "6829D317-1AB6-471B-9CE4-563C4FFB290D", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:etrust_audit_irecorder:1.5:sp3:*:*:*:*:*:*", "matchCriteriaId": "571D4793-63EE-4A9D-991B-0F92842BDF58", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:etrust_audit_irecorder:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F182A43-4999-441D-9B37-093E033BAADC", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:etrust_identity_minder:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "6DF2F1AC-CF62-47CE-96B3-08CE412A7D0E", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:etrust_integrated_threat_management:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "045F1ADA-E9D1-4C8B-9275-040939E73A6D", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:itechnology_igateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA60254A-F0BE-4E53-9D04-C3F4D80E662D", "versionEndIncluding": "4.0.050615", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:unicenter_asset_portfolio_management:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "D3358719-780A-41E1-A09A-7C27C921D6DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:unicenter_autosys_jm:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "388A5565-442B-441C-B727-586B23FE8540", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:unicenter_service_delivery:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "137A1E55-CDF0-49FF-9A63-5FB44BA9FC40", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:unicenter_service_desk:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "F2247ED3-2CF1-49A5-9456-F51164A1D220", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:unicenter_service_desk_knowledge_tools:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "3046725F-B0C5-4625-AE5D-8B6C7DC9A085", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:unicenter_service_fulfillment:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "CF7FADA4-429F-4658-A47C-DCB13D6ED903", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:unicenter_service_metric_analysis:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "607CA384-B71B-460F-ACCF-ACCBC9C17FA9", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:*", "matchCriteriaId": "6E236148-4A57-4FDC-A072-A77D3DD2DB53", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:brightstor_enterprise_backup:10.0:*:solaris:*:*:*:*:*", "matchCriteriaId": "15862D0F-90C0-46A3-8457-B1FD8877CC74", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:solaris:*:*:*:*:*", "matchCriteriaId": "196FFF4A-1976-477B-927F-82A3CBECA530", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:tru64:*:*:*:*:*", "matchCriteriaId": "5DC10E01-4694-4699-9C8D-328627F515D4", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:windows_64-bit:*:*:*:*:*", "matchCriteriaId": "2C3C45FE-C057-4DF2-8D68-892C9DD47ED1", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:etrust_audit_aries:1.5:sp2:*:*:*:*:*:*", "matchCriteriaId": "473DC00E-B779-4CB4-A165-DE2954F225C9", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:etrust_audit_aries:1.5:sp3:*:*:*:*:*:*", "matchCriteriaId": "A7A0ED34-94B3-447E-8CF2-8439FAF05894", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:etrust_directory:8.1_web_components:*:*:*:*:*:*:*", "matchCriteriaId": "F148F27B-50D6-4C29-BC9D-1E11B783808D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:etrust_secure_content_manager:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "5DB54A16-5E56-46FC-A49C-56C98C0B8F1A", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:unicenter_application_performance_monitor:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "96C5D628-2CBB-4ED1-B7C1-C2ABE6A8E2FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:unicenter_application_server_managment:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "54A75987-8E51-4D25-965D-343E8F07BC25", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:unicenter_ca_web_services_distributed_management:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "48726411-E052-4F4A-9EAC-7616059E3599", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:unicenter_exchange_management_console:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "F1ADE61A-3096-4079-B586-00B977B5E523", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:unicenter_management:3.5:*:websphere_mq:*:*:*:*:*", "matchCriteriaId": "0FE2A55B-A89D-470E-8E9E-4B1B0FB1C4C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:unicenter_management:11.0:*:weblogic:*:*:*:*:*", "matchCriteriaId": "07E5BAC2-FF02-4ADC-9939-AE93B60E53E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:unicenter_management:11.0:*:websphere:*:*:*:*:*", "matchCriteriaId": "DBB1EA1F-57BA-4850-B5C2-6900A1DE80CB", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:unicenter_service_catalog_fulfillment_accounting:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "8045AE85-40C1-4122-B073-8579E84B88D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:unicenter_service_fulfillment:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "E8DB1604-AFCB-4D37-9665-9725119570F7", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:unicenter_service_level_management:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "EF170A77-7B4D-4B0F-BA7C-05773E03DFE1", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:unicenter_web_server_management:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "11364903-CA67-499C-9BE8-36B01FD7E7A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:unicenter_web_services_distributed_management:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "83DFAC82-1835-49EE-AE88-BFFFD2D6C2B9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field."}], "id": "CVE-2005-3653", "lastModified": "2021-04-14T15:41:53.463", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2005-12-31T05:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://marc.info/?l=full-disclosure&m=113803349715927&w=2"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/18591"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/380"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://securitytracker.com/id?1015526"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.idefense.com/intelligence/vulnerabilities/display.php?id=376"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.osvdb.org/22688"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/423288/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/423403/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/16354"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2006/0311"}, {"source": "cve@mitre.org", "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33778"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24269"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}