Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 APP:CA:IGATEWAY-BOF

Severity

 Critical

Recommended

 No

Recommended Action

 Drop

Category

 APP

Release Date

 2006/10/16

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+

APP: Computer Associates iGateway Debug Buffer Overflow


This signature detects attempts to exploit a known vulnerability in the Computer Associates iGateway software. A successful exploit can lead to arbitrary code execution. This vulnerability is only exploitable when the server is in debug mode.

Extended Description

Multiple Computer Associates products are susceptible to a remote buffer overflow vulnerability. This issue is due to a failure of the affected products to properly bounds check user-supplied data prior to copying it to an insufficiently sized memory buffer. This issue exists in the iTechnology iGateway component that is included in multiple Computer Associates products. Versions 1.x, 2.x, and the current 4.x versions of the iGateway component are not affected by this issue. Version 3.0.040107 and earlier 3.x versions are affected. This issue is only exploitable if the non-default components are installed, the 'igateway.conf' configuration file has debugging enabled, and the service is then manually restarted. This issue allows remote attackers to execute arbitrary machine code in the context of affected applications.

Affected Products

  • Computer Associates Advantage Data Transformer 2.2.0
  • Computer Associates Advantage Data Transport 3.0.0
  • Computer Associates Advantage Ingress Enterprise Relational Database 2.6.0
  • Computer Associates AdviseIT 2.4.0
  • Computer Associates AllFusion ERwin Data Modeler 3.0.2
  • Computer Associates AllFusion ERwin Data Modeler 3.5.2
  • Computer Associates AllFusion ERwin Data Modeler 3.9.0
  • Computer Associates AllFusion ERwin Data Modeler 4.1.0
  • Computer Associates ARCServe 6.61.0
  • Computer Associates ARCServe 2000
  • Computer Associates ARCServe 2000 Advanced Edition 7.0.0
  • Computer Associates ARCserve Backup for Laptops and Desktops 11.0
  • Computer Associates ARCserve Backup for Laptops and Desktops 11.1
  • Computer Associates ARCServeIT 6.61.0
  • Computer Associates ARCServeIT 6.61.0 Linux
  • Computer Associates ARCServeIT 6.63.0
  • Computer Associates ARCServeIT Linux 6.6.0
  • Computer Associates BrightStor ARCserve 2000 Backup Windows Japanese
  • Computer Associates BrightStor ARCServe Backup 11.1.0
  • Computer Associates BrightStor ARCServe Backup 11.5.0
  • Computer Associates BrightStor ARCServe Backup 9.1.0
  • Computer Associates BrightStor ARCserve Backup Agent for Exchange 11.0.0
  • Computer Associates BrightStor ARCserve Backup Agent for Exchange 11.1.0
  • Computer Associates BrightStor ARCserve Backup Agent for Exchange 11.5.0
  • Computer Associates BrightStor ARCserve Backup Agent for Exchange 9.0.0 1
  • Computer Associates BrightStor ARCserve Backup Agent for SAP R/3 11.0.0
  • Computer Associates BrightStor ARCserve Backup Agent for SAP R/3 11.1.0
  • Computer Associates BrightStor ARCserve Backup Agent for SAP R/3 11.5.0
  • Computer Associates BrightStor ARCserve Backup Agent for SAP R/3 9.0.0 1
  • Computer Associates BrightStor ARCserve Backup Agent for SQL 11.0.0
  • Computer Associates BrightStor ARCserve Backup Agent for SQL 11.1.0
  • Computer Associates BrightStor ARCserve Backup Agent for SQL 11.5.0
  • Computer Associates BrightStor ARCserve Backup Agent for SQL 9.0.0 .0
  • Computer Associates BrightStor ARCserve Backup Agent for SQL 9.0.0 .0.1
  • Computer Associates BrightStor ARCServe Backup for AIX 11.1.0
  • Computer Associates BrightStor ARCServe Backup for HP 11.1.0
  • Computer Associates BrightStor ARCServe Backup for Linux 11.1.0
  • Computer Associates BrightStor ARCServe Backup for Linux 7.0.0
  • Computer Associates BrightStor ARCServe Backup for Linux 9.0.0
  • Computer Associates BrightStor ARCServe Backup for Linux Japanese 9.0.0
  • Computer Associates BrightStor ARCServe Backup for Macintosh 11.1.0
  • Computer Associates BrightStor ARCServe Backup for Mainframe Linux 11.1.0
  • Computer Associates BrightStor ARCServe Backup for NetWare 11.1.0
  • Computer Associates BrightStor ARCServe Backup for NetWare 9.0.0
  • Computer Associates BrightStor ARCserve Backup for Oracle 11.0.0
  • Computer Associates BrightStor ARCserve Backup for Oracle 11.1.0
  • Computer Associates BrightStor ARCserve Backup for Oracle 9.0.0 1
  • Computer Associates BrightStor ARCServe Backup for Solaris 11.1.0
  • Computer Associates BrightStor ARCServe Backup for Tru64 11.1.0
  • Computer Associates BrightStor ARCServe Backup for Windows 11.0.0
  • Computer Associates BrightStor ARCServe Backup for Windows 11.1.0
  • Computer Associates BrightStor ARCServe Backup for Windows 11.5.0
  • Computer Associates BrightStor ARCServe Backup for Windows 9.0.0 .0.1
  • Computer Associates BrightStor ARCServe Backup for Windows 64 bit 11.0.0
  • Computer Associates BrightStor ARCServe Backup for Windows 64 bit 11.1.0
  • Computer Associates BrightStor ARCServe Backup for Windows 64 bit 11.5.0
  • Computer Associates BrightStor ARCServe Backup for Windows 64 bit 9.0.1
  • Computer Associates BrightStor ARCserve Backup for Windows (All) 11.1
  • Computer Associates BrightStor ARCserve Backup for Windows (All) 11.5.0
  • Computer Associates BrightStor ARCserve Backup for Windows (Client) 11.1
  • Computer Associates BrightStor ARCserve Backup for Windows (Client) 11.5.0
  • Computer Associates BrightStor ARCserve Backup for Windows (Eng-All) 11.5.0
  • Computer Associates BrightStor ARCserve Backup for Windows (Eng-All) 9.01
  • Computer Associates BrightStor ARCserve Backup for Windows (Eng-Cli) 11.5.0
  • Computer Associates BrightStor ARCserve Backup for Windows (Eng-Cli) 9.01
  • Computer Associates BrightStor ARCserve Backup for Windows (NoEng-All) 11.5.0
  • Computer Associates BrightStor ARCserve Backup for Windows (NoEng-All) 9.01
  • Computer Associates BrightStor ARCserve Backup for Windows (NoEng-Cli) 11.5.0
  • Computer Associates BrightStor ARCserve Backup for Windows (NoEng-Cli) 9.01
  • Computer Associates BrightStor Enterprise Backup 10.0.0
  • Computer Associates BrightStor Enterprise Backup 10.5.0
  • Computer Associates BrightStor Enterprise Backup Agent for Oracle 10.0.0
  • Computer Associates BrightStor Enterprise Backup Agent for Oracle 10.5.0
  • Computer Associates BrightStor Enterprise Backup Agent for SAP R/3 10.0.0
  • Computer Associates BrightStor Enterprise Backup Agent for SAP R/3 10.5.0
  • Computer Associates BrightStor Enterprise Backup Agent for SQL 10.0.0
  • Computer Associates BrightStor Enterprise Backup Agent for SQL 10.5.0
  • Computer Associates BrightStor Enterprise Backup for AIX 10.0.0
  • Computer Associates BrightStor Enterprise Backup for AIX 10.5.0
  • Computer Associates BrightStor Enterprise Backup for HP 10.5.0
  • Computer Associates BrightStor Enterprise Backup for HPUX 10.0.0
  • Computer Associates BrightStor Enterprise Backup for Mainframe Linux 10.0.0
  • Computer Associates BrightStor Enterprise Backup for Solaris 10.0.0
  • Computer Associates BrightStor Enterprise Backup for Solaris 10.5.0
  • Computer Associates BrightStor Enterprise Backup for Tru64 10.5.0
  • Computer Associates BrightStor Enterprise Backup for Windows 64 bit 10.5.0
  • Computer Associates BrightStor Enterprise Backup Serverless Backup 10.0.0
  • Computer Associates BrightStor Enterprise Backup Serverless Backup 10.5.0
  • Computer Associates BrightStor Enterprise Backup Serverless Backup 11.5.0
  • Computer Associates BrightStor Portal 1.0.0
  • Computer Associates BrightStor Portal 1.1.0
  • Computer Associates BrightStor Portal 11.1.0
  • Computer Associates BrightStor Process Automation Manager 11.1.0
  • Computer Associates BrightStor SAN Manager 1.1.0
  • Computer Associates BrightStor SAN Manager 1.1.0 SP1
  • Computer Associates BrightStor SAN Manager 1.1.0 SP2
  • Computer Associates BrightStor SAN Manager 11.1.0
  • Computer Associates BrightStor SAN Manager 11.5.0
  • Computer Associates BrightStor SRM 11.1.0
  • Computer Associates BrightStor SRM 11.5.0
  • Computer Associates BrightStor SRM 6.3.0
  • Computer Associates BrightStor SRM 6.4.0
  • Computer Associates BrightStor SRM 7.2.0 (Windows)
  • Computer Associates BrightStor SRM 7.3.0 (Windows)
  • Computer Associates CAM 1.05
  • Computer Associates CAM 1.07
  • Computer Associates CAM 1.07 Build 220_13
  • Computer Associates CAM 1.11
  • Computer Associates CAM 1.11 Build 29_13
  • Computer Associates CA-MLINK
  • Computer Associates CleverPath Aion 10.0.0
  • Computer Associates CleverPath ECM 3.5.0
  • Computer Associates CleverPath OLAP 5.1.0
  • Computer Associates CleverPath Predictive Analysis Server 2.0.0
  • Computer Associates CleverPath Predictive Analysis Server 3.0.0
  • Computer Associates Common Services 1.0.0
  • Computer Associates Common Services 1.1.0
  • Computer Associates Common Services 2.0.0
  • Computer Associates Common Services 2.1.0
  • Computer Associates Common Services 2.2.0
  • Computer Associates Common Services 3.0.0
  • Computer Associates Control IT Advanced Edition 5.0.0
  • Computer Associates Control IT Enterprise Edition 5.0.0
  • Computer Associates Control IT Enterprise Edition 5.1.0
  • Computer Associates eTrust Access Control 4.1.0
  • Computer Associates eTrust Access Control 4.1.0 -SP1
  • Computer Associates eTrust Access Control 5.0.0
  • Computer Associates eTrust Access Control 5.0.0 -SP1
  • Computer Associates eTrust Admin 2.1.0
  • Computer Associates eTrust Admin 2.4.0
  • Computer Associates eTrust Admin 2.7.0
  • Computer Associates eTrust Admin 2.9.0
  • Computer Associates eTrust Admin 8.0.0
  • Computer Associates eTrust Admin 8.1.0
  • Computer Associates eTrust Antivirus 6.0.0
  • Computer Associates eTrust Antivirus 7.0.0
  • Computer Associates eTrust Antivirus 7.0.0 SP2
  • Computer Associates eTrust Antivirus 7.1.0
  • Computer Associates eTrust Antivirus EE 6.0.0
  • Computer Associates eTrust Antivirus EE 7.0.0
  • Computer Associates eTrust Antivirus for the Gateway 7.0.0
  • Computer Associates eTrust Antivirus for the Gateway 7.1.0
  • Computer Associates eTrust Audit ARIES 1.5.0 SP2
  • Computer Associates eTrust Audit ARIES 1.5.0 SP3
  • Computer Associates eTrust Audit ARIES 8.0.0
  • Computer Associates eTrust Audit iRecorders 1.5.0 SP2
  • Computer Associates eTrust Audit iRecorders 1.5.0 SP3
  • Computer Associates eTrust Audit iRecorders 8.0.0
  • Computer Associates eTrust CA-Top Secret Security for z/OS and OS/390 5.3.0
  • Computer Associates eTrust EZ Antivirus 6.1.0
  • Computer Associates eTrust EZ Antivirus 6.2.0
  • Computer Associates eTrust EZ Antivirus 6.3.0
  • Computer Associates eTrust EZ Antivirus 7.0.0
  • Computer Associates eTrust EZ Antivirus 7.0.1
  • Computer Associates eTrust EZ Antivirus 7.0.1 .1
  • Computer Associates eTrust EZ Antivirus 7.0.1 .2
  • Computer Associates eTrust EZ Antivirus 7.0.1 .3
  • Computer Associates eTrust EZ Antivirus 7.0.1 .4
  • Computer Associates eTrust EZ Antivirus 7.0.2
  • Computer Associates eTrust EZ Antivirus 7.0.2 .1
  • Computer Associates eTrust EZ Antivirus 7.0.3
  • Computer Associates eTrust EZ Antivirus 7.0.4
  • Computer Associates eTrust EZ Antivirus 7.0.5
  • Computer Associates eTrust EZ Armor 1.0.0
  • Computer Associates eTrust EZ Armor 2.0.0
  • Computer Associates eTrust EZ Armor 2.3.0
  • Computer Associates eTrust EZ Armor 2.4.0
  • Computer Associates eTrust EZ Armor 2.4.4
  • Computer Associates eTrust EZ Armor 3.1.0
  • Computer Associates eTrust EZ Armor LE 2.0.0
  • Computer Associates eTrust EZ Armor LE 3.0.0 .0.14
  • Computer Associates eTrust Identity Minder 6.0.0 SP1
  • Computer Associates eTrust Identity Minder 8.0.0
  • Computer Associates eTrust InoculateIT 6.0.0
  • Computer Associates eTrust Integrated Threat Management 8.0.0
  • Computer Associates eTrust Intrusion Detection 1.4.1 .13
  • Computer Associates eTrust Intrusion Detection 1.4.5
  • Computer Associates eTrust Intrusion Detection 1.5.0
  • Computer Associates eTrust Intrusion Detection 3.0.0
  • Computer Associates eTrust Intrusion Detection 3.0.0 SP 1
  • Computer Associates eTrust Policy Compliance 7.4.0
  • Computer Associates eTrust Secure Content Manager 1.0.0
  • Computer Associates eTrust Secure Content Manager 1.0.0 SP1
  • Computer Associates eTrust Secure Content Manager 1.1.0
  • Computer Associates eTrust Secure Content Manager 8.0.0
  • Computer Associates eTrust Security Command Center 1.0.0
  • Computer Associates eTrust SiteMinder 5.5.0
  • Computer Associates eTrust SiteMinder 6.0.0 SP2
  • Computer Associates eTrust Web Service Security 8.0.0
  • Computer Associates Harvest Change Manager 7.1.0
  • Computer Associates InoculateIT 4.53.0
  • Computer Associates InoculateIT 6.0.0
  • Computer Associates InterTest 3.0.0 Batch
  • Computer Associates InterTest 6.0.0 For CICS
  • Computer Associates License 1.0.15
  • Computer Associates License 1.53.0
  • Computer Associates License 1.54.0
  • Computer Associates License 1.55.0
  • Computer Associates License 1.56.0
  • Computer Associates License 1.57.0
  • Computer Associates License 1.60.0
  • Computer Associates License 1.60.2
  • Computer Associates License 1.60.3
  • Computer Associates License 1.61.0
  • Computer Associates License 1.61.1
  • Computer Associates License 1.61.2
  • Computer Associates License 1.61.8
  • Computer Associates License 1.61.9
  • Computer Associates SymDump for CICS 6.0.0
  • Computer Associates Telon 4.0.0
  • Computer Associates Unicenter
  • Computer Associates Unicenter Application Performance Monitor 11.0.0
  • Computer Associates Unicenter Application Performance Monitor 3.0.0
  • Computer Associates Unicenter Application Performance Monitor 3.5.0
  • Computer Associates Unicenter Application Server Managment 11.0.0
  • Computer Associates Unicenter Asset Management 3.1.0
  • Computer Associates Unicenter Asset Management 3.2.0
  • Computer Associates Unicenter Asset Management 3.2.0 SP1
  • Computer Associates Unicenter Asset Management 3.2.0 SP2
  • Computer Associates Unicenter Asset Management 4.0.0
  • Computer Associates Unicenter Asset Management 4.0.0 SP1
  • Computer Associates Unicenter Asset Manager
  • Computer Associates Unicenter Asset Portfolio Management 11.0.0
  • Computer Associates Unicenter AutoSys JM 11.0.0
  • Computer Associates Unicenter CA-11 Restart and Tracking 3.0.0
  • Computer Associates Unicenter CA Web Services Distributed Management 11.0.0
  • Computer Associates Unicenter Data Transport Option 2.0.0
  • Computer Associates Unicenter Enterprise Job Manager 1.0.0 SP1
  • Computer Associates Unicenter Enterprise Job Manager 1.0.0 SP2
  • Computer Associates Unicenter Exchange Management 11.0.0
  • Computer Associates Unicenter Jasmine 3.0.0
  • Computer Associates Unicenter Management for Lotus Notes/Domino 4.0.0
  • Computer Associates Unicenter Management for Microsoft Exchange 4.0.0
  • Computer Associates Unicenter Management for Microsoft Exchange 4.1.0
  • Computer Associates Unicenter Management for WebLogic 11.0.0
  • Computer Associates Unicenter Management for Web Servers 5.0.0
  • Computer Associates Unicenter Management for Web Servers 5.0.1
  • Computer Associates Unicenter Management for WebSphere 11.0.0
  • Computer Associates Unicenter Management for WebSphere MQ 3.5.0
  • Computer Associates Unicenter Management Portal 2.0.0
  • Computer Associates Unicenter Management Portal 3.1.0
  • Computer Associates Unicenter MQ Management 11.0.0
  • Computer Associates Unicenter Network and Systems Management 3.0.0
  • Computer Associates Unicenter Network and Systems Management 3.1.0
  • Computer Associates Unicenter NSM Wireless Network Management Option 3.0.0
  • Computer Associates Unicenter Performance Management for OpenVMS 2.4.0 SP3
  • Computer Associates Unicenter RC/Update 6.0.0
  • Computer Associates Unicenter RC/Update 6.1.0
  • Computer Associates Unicenter Remote Control 5.2.0
  • Computer Associates Unicenter Remote Control 6.0.0
  • Computer Associates Unicenter Remote Control 6.0.0 SP1
  • Computer Associates Unicenter Remote Control English 6.0.0 SP1 (Build 6.0.77)
  • Computer Associates Unicenter Remote Control English GA 6.0.0 (6.0.56.3)
  • Computer Associates Unicenter Remote Control English QO48974 6.0.0 (Build 6.0.74)
  • Computer Associates Unicenter Remote Control French 6.0.0 SP1 (Build 6.0.77)
  • Computer Associates Unicenter Remote Control French GA 6.0.0 (Build 6.0.74)
  • Computer Associates Unicenter Remote Control German 6.0.0 SP1 (Build 6.0.77)
  • Computer Associates Unicenter Remote Control German GA 6.0.0 (Build 6.0.74)
  • Computer Associates Unicenter Remote Control Host 6.0.0
  • Computer Associates Unicenter Remote Control Option 5.0.0
  • Computer Associates Unicenter Remote Control Option 5.1.0
  • Computer Associates Unicenter Remote Control Option German Version 5.1.0
  • Computer Associates Unicenter Service Catalog/Fulfillment/Accounting 11.0.0
  • Computer Associates Unicenter Service Delivery 11.0.0
  • Computer Associates Unicenter Service Desk 11.0.0
  • Computer Associates Unicenter Service Desk Knowledge Tools 11.0.0
  • Computer Associates Unicenter Service Fulfillment 11.0.0
  • Computer Associates Unicenter Service Fulfillment 2.2.0
  • Computer Associates Unicenter Service Level Management 11.0.0
  • Computer Associates Unicenter Service Level Management 3.0.0
  • Computer Associates Unicenter Service Level Management 3.0.1
  • Computer Associates Unicenter Service Level Management 3.0.2
  • Computer Associates Unicenter Service Level Management 3.5.0
  • Computer Associates Unicenter Service Matrix Analysis 11.0.0
  • Computer Associates Unicenter ServicePlus Service Desk 5.5.0
  • Computer Associates Unicenter ServicePlus Service Desk 5.5.1
  • Computer Associates Unicenter ServicePlus Service Desk 6.0.0
  • Computer Associates Unicenter Software Delivery 3.0.0
  • Computer Associates Unicenter Software Delivery 3.1.0
  • Computer Associates Unicenter Software Delivery 3.1.0 SP1
  • Computer Associates Unicenter Software Delivery 3.1.0 SP2
  • Computer Associates Unicenter Software Delivery 4.0.0
  • Computer Associates Unicenter Software Delivery 4.0.0 SP1
  • Computer Associates Unicenter TNG 2.1.0
  • Computer Associates Unicenter TNG 2.2.0
  • Computer Associates Unicenter TNG 2.4.0
  • Computer Associates Unicenter TNG 2.4.2
  • Computer Associates Unicenter TNG 2.5.0
  • Computer Associates Unicenter TNG JPN 2.2.0
  • Computer Associates Unicenter Web Server Management 11.0.0
  • Computer Associates Vet Antivirus 10.66.0
  • Computer Associates Vet Antivirus 10.67.0
  • Computer Associates Vet Antivirus 11.9.1

References

  • BugTraq: 15025
  • CVE: CVE-2005-3190
  • URL: http://www.frsirt.com/english/advisories/2005/2028

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy & Policy
Legal Notices
Copyright© 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out