CA iTechnology iGateway Service Content-Length Buffer Overflow

critical Nessus Plugin ID 20805

Synopsis

The remote web server is affected by a buffer overflow vulnerability.

Description

The remote host is using CA iTechnology iGateway service, a software component used in various products from CA.

The version of the iGateway service installed on the remote host reportedly fails to sanitize Content-Length HTTP header values before using them to allocate heap memory. An attacker can supply a negative value, which causes the software to allocate a small buffer, and then overflow that with a long URI. Successful exploitation of this issue can lead to a server crash or possibly the execution of arbitrary code. Note that, under Windows, the server runs with local SYSTEM privileges.

Solution

Contact the vendor to upgrade to iGateway 4.0.051230 or later.

See Also

http://www.nessus.org/u?059ed5ba

http://supportconnectw.ca.com/public/ca_common_docs/igatewaysecurity_notice.asp

Plugin Details

Severity: Critical

ID: 20805

File Name: igateway_content_length_overflow.nasl

Version: 1.19

Type: remote

Agent: windows

Family: Windows

Published: 1/24/2006

Updated: 6/3/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Exploit Ease: No known exploits are available

Patch Publication Date: 1/23/2006

Vulnerability Publication Date: 1/23/2006

Reference Information

CVE: CVE-2005-3653

BID: 16354

IAVA: 2006-A-0008-S