This site is deprecated. Please
CLICK HERE for latest updates
Short Name |
APP:CA:IGATEWAY-BOF
|
Severity |
Critical
|
Recommended |
No
|
Recommended Action |
Drop
|
Category |
APP
|
Keywords |
Computer Associates iGateway Debug Buffer Overflow
|
Release Date |
2006/10/16
|
Update Number |
1213
|
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+
|
APP: Computer Associates iGateway Debug Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the Computer Associates iGateway software. A successful exploit can lead to arbitrary code execution. This vulnerability is only exploitable when the server is in debug mode.
Extended Description
Multiple Computer Associates products are susceptible to a remote buffer overflow vulnerability. This issue is due to a failure of the affected products to properly bounds check user-supplied data prior to copying it to an insufficiently sized memory buffer.
This issue exists in the iTechnology iGateway component that is included in multiple Computer Associates products.
Versions 1.x, 2.x, and the current 4.x versions of the iGateway component are not affected by this issue. Version 3.0.040107 and earlier 3.x versions are affected. This issue is only exploitable if the non-default components are installed, the 'igateway.conf' configuration file has debugging enabled, and the service is then manually restarted.
This issue allows remote attackers to execute arbitrary machine code in the context of affected applications.
Affected Products
- Computer_associates advantage_data_transformer 2.2.0
- Computer_associates advantage_data_transport 3.0.0
- Computer_associates advantage_ingress_enterprise_relational_database 2.6.0
- Computer_associates adviseit 2.4.0
- Computer_associates allfusion_erwin_data_modeler 3.0.2
- Computer_associates allfusion_erwin_data_modeler 3.5.2
- Computer_associates allfusion_erwin_data_modeler 3.9.0
- Computer_associates allfusion_erwin_data_modeler 4.1.0
- Computer_associates arcserve 6.61.0
- Computer_associates arcserve_2000
- Computer_associates arcserve_2000_advanced_edition 7.0.0
- Computer_associates arcserve_backup_for_laptops_and_desktops 11.0
- Computer_associates arcserve_backup_for_laptops_and_desktops 11.1
- Computer_associates arcserveit 6.61.0
- Computer_associates arcserveit 6.61.0 Linux
- Computer_associates arcserveit 6.63.0
- Computer_associates arcserveit_linux 6.6.0
- Computer_associates brightstor_arcserve_2000_backup_windows_japanese
- Computer_associates brightstor_arcserve_backup 11.1.0
- Computer_associates brightstor_arcserve_backup 11.5.0
- Computer_associates brightstor_arcserve_backup 9.1.0
- Computer_associates brightstor_arcserve_backup_agent_for_exchange 11.0.0
- Computer_associates brightstor_arcserve_backup_agent_for_exchange 11.1.0
- Computer_associates brightstor_arcserve_backup_agent_for_exchange 11.5.0
- Computer_associates brightstor_arcserve_backup_agent_for_exchange 9.0.0 1
- Computer_associates brightstor_arcserve_backup_agent_for_sap_r/3 11.0.0
- Computer_associates brightstor_arcserve_backup_agent_for_sap_r/3 11.1.0
- Computer_associates brightstor_arcserve_backup_agent_for_sap_r/3 11.5.0
- Computer_associates brightstor_arcserve_backup_agent_for_sap_r/3 9.0.0 1
- Computer_associates brightstor_arcserve_backup_agent_for_sql 11.0.0
- Computer_associates brightstor_arcserve_backup_agent_for_sql 11.1.0
- Computer_associates brightstor_arcserve_backup_agent_for_sql 11.5.0
- Computer_associates brightstor_arcserve_backup_agent_for_sql 9.0.0 .0
- Computer_associates brightstor_arcserve_backup_agent_for_sql 9.0.0 .0.1
- Computer_associates brightstor_arcserve_backup_for_aix 11.1.0
- Computer_associates brightstor_arcserve_backup_for_hp 11.1.0
- Computer_associates brightstor_arcserve_backup_for_linux 11.1.0
- Computer_associates brightstor_arcserve_backup_for_linux 7.0.0
- Computer_associates brightstor_arcserve_backup_for_linux 9.0.0
- Computer_associates brightstor_arcserve_backup_for_linux_japanese 9.0.0
- Computer_associates brightstor_arcserve_backup_for_macintosh 11.1.0
- Computer_associates brightstor_arcserve_backup_for_mainframe_linux 11.1.0
- Computer_associates brightstor_arcserve_backup_for_netware 11.1.0
- Computer_associates brightstor_arcserve_backup_for_netware 9.0.0
- Computer_associates brightstor_arcserve_backup_for_oracle 11.0.0
- Computer_associates brightstor_arcserve_backup_for_oracle 11.1.0
- Computer_associates brightstor_arcserve_backup_for_oracle 9.0.0 1
- Computer_associates brightstor_arcserve_backup_for_solaris 11.1.0
- Computer_associates brightstor_arcserve_backup_for_tru64 11.1.0
- Computer_associates brightstor_arcserve_backup_for_windows 11.0.0
- Computer_associates brightstor_arcserve_backup_for_windows 11.1.0
- Computer_associates brightstor_arcserve_backup_for_windows 11.5.0
- Computer_associates brightstor_arcserve_backup_for_windows 9.0.0 .0.1
- Computer_associates brightstor_arcserve_backup_for_windows_64_bit 11.0.0
- Computer_associates brightstor_arcserve_backup_for_windows_64_bit 11.1.0
- Computer_associates brightstor_arcserve_backup_for_windows_64_bit 11.5.0
- Computer_associates brightstor_arcserve_backup_for_windows_64_bit 9.0.1
- Computer_associates brightstor_arcserve_backup_for_windows_(all) 11.1
- Computer_associates brightstor_arcserve_backup_for_windows_(all) 11.5.0
- Computer_associates brightstor_arcserve_backup_for_windows_(client) 11.1
- Computer_associates brightstor_arcserve_backup_for_windows_(client) 11.5.0
- Computer_associates brightstor_arcserve_backup_for_windows_(eng-all) 11.5.0
- Computer_associates brightstor_arcserve_backup_for_windows_(eng-all) 9.01
- Computer_associates brightstor_arcserve_backup_for_windows_(eng-cli) 11.5.0
- Computer_associates brightstor_arcserve_backup_for_windows_(eng-cli) 9.01
- Computer_associates brightstor_arcserve_backup_for_windows_(noeng-all) 11.5.0
- Computer_associates brightstor_arcserve_backup_for_windows_(noeng-all) 9.01
- Computer_associates brightstor_arcserve_backup_for_windows_(noeng-cli) 11.5.0
- Computer_associates brightstor_arcserve_backup_for_windows_(noeng-cli) 9.01
- Computer_associates brightstor_enterprise_backup 10.0.0
- Computer_associates brightstor_enterprise_backup 10.5.0
- Computer_associates brightstor_enterprise_backup_agent_for_oracle 10.0.0
- Computer_associates brightstor_enterprise_backup_agent_for_oracle 10.5.0
- Computer_associates brightstor_enterprise_backup_agent_for_sap_r/3 10.0.0
- Computer_associates brightstor_enterprise_backup_agent_for_sap_r/3 10.5.0
- Computer_associates brightstor_enterprise_backup_agent_for_sql 10.0.0
- Computer_associates brightstor_enterprise_backup_agent_for_sql 10.5.0
- Computer_associates brightstor_enterprise_backup_for_aix 10.0.0
- Computer_associates brightstor_enterprise_backup_for_aix 10.5.0
- Computer_associates brightstor_enterprise_backup_for_hp 10.5.0
- Computer_associates brightstor_enterprise_backup_for_hpux 10.0.0
- Computer_associates brightstor_enterprise_backup_for_mainframe_linux 10.0.0
- Computer_associates brightstor_enterprise_backup_for_solaris 10.0.0
- Computer_associates brightstor_enterprise_backup_for_solaris 10.5.0
- Computer_associates brightstor_enterprise_backup_for_tru64 10.5.0
- Computer_associates brightstor_enterprise_backup_for_windows_64_bit 10.5.0
- Computer_associates brightstor_enterprise_backup_serverless_backup 10.0.0
- Computer_associates brightstor_enterprise_backup_serverless_backup 10.5.0
- Computer_associates brightstor_enterprise_backup_serverless_backup 11.5.0
- Computer_associates brightstor_portal 1.0.0
- Computer_associates brightstor_portal 1.1.0
- Computer_associates brightstor_portal 11.1.0
- Computer_associates brightstor_process_automation_manager 11.1.0
- Computer_associates brightstor_san_manager 1.1.0
- Computer_associates brightstor_san_manager 1.1.0 SP1
- Computer_associates brightstor_san_manager 1.1.0 SP2
- Computer_associates brightstor_san_manager 11.1.0
- Computer_associates brightstor_san_manager 11.5.0
- Computer_associates brightstor_srm 11.1.0
- Computer_associates brightstor_srm 11.5.0
- Computer_associates brightstor_srm 6.3.0
- Computer_associates brightstor_srm 6.4.0
- Computer_associates brightstor_srm 7.2.0 (Windows)
- Computer_associates brightstor_srm 7.3.0 (Windows)
- Computer_associates cam 1.05
- Computer_associates cam 1.07
- Computer_associates cam 1.07 Build 220_13
- Computer_associates cam 1.11
- Computer_associates cam 1.11 Build 29_13
- Computer_associates ca-mlink
- Computer_associates cleverpath_aion 10.0.0
- Computer_associates cleverpath_ecm 3.5.0
- Computer_associates cleverpath_olap 5.1.0
- Computer_associates cleverpath_predictive_analysis_server 2.0.0
- Computer_associates cleverpath_predictive_analysis_server 3.0.0
- Computer_associates common_services 1.0.0
- Computer_associates common_services 1.1.0
- Computer_associates common_services 2.0.0
- Computer_associates common_services 2.1.0
- Computer_associates common_services 2.2.0
- Computer_associates common_services 3.0.0
- Computer_associates control_it_advanced_edition 5.0.0
- Computer_associates control_it_enterprise_edition 5.0.0
- Computer_associates control_it_enterprise_edition 5.1.0
- Computer_associates etrust_access_control 4.1.0
- Computer_associates etrust_access_control 4.1.0 -SP1
- Computer_associates etrust_access_control 5.0.0
- Computer_associates etrust_access_control 5.0.0 -SP1
- Computer_associates etrust_admin 2.1.0
- Computer_associates etrust_admin 2.4.0
- Computer_associates etrust_admin 2.7.0
- Computer_associates etrust_admin 2.9.0
- Computer_associates etrust_admin 8.0.0
- Computer_associates etrust_admin 8.1.0
- Computer_associates etrust_antivirus 6.0.0
- Computer_associates etrust_antivirus 7.0.0
- Computer_associates etrust_antivirus 7.0.0 SP2
- Computer_associates etrust_antivirus 7.1.0
- Computer_associates etrust_antivirus_ee 6.0.0
- Computer_associates etrust_antivirus_ee 7.0.0
- Computer_associates etrust_antivirus_for_the_gateway 7.0.0
- Computer_associates etrust_antivirus_for_the_gateway 7.1.0
- Computer_associates etrust_audit_aries 1.5.0 SP2
- Computer_associates etrust_audit_aries 1.5.0 SP3
- Computer_associates etrust_audit_aries 8.0.0
- Computer_associates etrust_audit_irecorders 1.5.0 SP2
- Computer_associates etrust_audit_irecorders 1.5.0 SP3
- Computer_associates etrust_audit_irecorders 8.0.0
- Computer_associates etrust_ca-top_secret_security_for_z/os_and_os/390 5.3.0
- Computer_associates etrust_ez_antivirus 6.1.0
- Computer_associates etrust_ez_antivirus 6.2.0
- Computer_associates etrust_ez_antivirus 6.3.0
- Computer_associates etrust_ez_antivirus 7.0.0
- Computer_associates etrust_ez_antivirus 7.0.1
- Computer_associates etrust_ez_antivirus 7.0.1 .1
- Computer_associates etrust_ez_antivirus 7.0.1 .2
- Computer_associates etrust_ez_antivirus 7.0.1 .3
- Computer_associates etrust_ez_antivirus 7.0.1 .4
- Computer_associates etrust_ez_antivirus 7.0.2
- Computer_associates etrust_ez_antivirus 7.0.2 .1
- Computer_associates etrust_ez_antivirus 7.0.3
- Computer_associates etrust_ez_antivirus 7.0.4
- Computer_associates etrust_ez_antivirus 7.0.5
- Computer_associates etrust_ez_armor 1.0.0
- Computer_associates etrust_ez_armor 2.0.0
- Computer_associates etrust_ez_armor 2.3.0
- Computer_associates etrust_ez_armor 2.4.0
- Computer_associates etrust_ez_armor 2.4.4
- Computer_associates etrust_ez_armor 3.1.0
- Computer_associates etrust_ez_armor_le 2.0.0
- Computer_associates etrust_ez_armor_le 3.0.0 .0.14
- Computer_associates etrust_identity_minder 6.0.0 SP1
- Computer_associates etrust_identity_minder 8.0.0
- Computer_associates etrust_inoculateit 6.0.0
- Computer_associates etrust_integrated_threat_management 8.0.0
- Computer_associates etrust_intrusion_detection 1.4.1 .13
- Computer_associates etrust_intrusion_detection 1.4.5
- Computer_associates etrust_intrusion_detection 1.5.0
- Computer_associates etrust_intrusion_detection 3.0.0
- Computer_associates etrust_intrusion_detection 3.0.0 SP 1
- Computer_associates etrust_policy_compliance 7.4.0
- Computer_associates etrust_secure_content_manager 1.0.0
- Computer_associates etrust_secure_content_manager 1.0.0 SP1
- Computer_associates etrust_secure_content_manager 1.1.0
- Computer_associates etrust_secure_content_manager 8.0.0
- Computer_associates etrust_security_command_center 1.0.0
- Computer_associates etrust_siteminder 5.5.0
- Computer_associates etrust_siteminder 6.0.0 SP2
- Computer_associates etrust_web_service_security 8.0.0
- Computer_associates harvest_change_manager 7.1.0
- Computer_associates inoculateit 4.53.0
- Computer_associates inoculateit 6.0.0
- Computer_associates intertest 3.0.0 Batch
- Computer_associates intertest 6.0.0 For CICS
- Computer_associates license 1.0.15
- Computer_associates license 1.53.0
- Computer_associates license 1.54.0
- Computer_associates license 1.55.0
- Computer_associates license 1.56.0
- Computer_associates license 1.57.0
- Computer_associates license 1.60.0
- Computer_associates license 1.60.2
- Computer_associates license 1.60.3
- Computer_associates license 1.61.0
- Computer_associates license 1.61.1
- Computer_associates license 1.61.2
- Computer_associates license 1.61.8
- Computer_associates license 1.61.9
- Computer_associates symdump_for_cics 6.0.0
- Computer_associates telon 4.0.0
- Computer_associates unicenter
- Computer_associates unicenter_application_performance_monitor 11.0.0
- Computer_associates unicenter_application_performance_monitor 3.0.0
- Computer_associates unicenter_application_performance_monitor 3.5.0
- Computer_associates unicenter_application_server_managment 11.0.0
- Computer_associates unicenter_asset_management 3.1.0
- Computer_associates unicenter_asset_management 3.2.0
- Computer_associates unicenter_asset_management 3.2.0 SP1
- Computer_associates unicenter_asset_management 3.2.0 SP2
- Computer_associates unicenter_asset_management 4.0.0
- Computer_associates unicenter_asset_management 4.0.0 SP1
- Computer_associates unicenter_asset_manager
- Computer_associates unicenter_asset_portfolio_management 11.0.0
- Computer_associates unicenter_autosys_jm 11.0.0
- Computer_associates unicenter_ca-11_restart_and_tracking 3.0.0
- Computer_associates unicenter_ca_web_services_distributed_management 11.0.0
- Computer_associates unicenter_data_transport_option 2.0.0
- Computer_associates unicenter_enterprise_job_manager 1.0.0 SP1
- Computer_associates unicenter_enterprise_job_manager 1.0.0 SP2
- Computer_associates unicenter_exchange_management 11.0.0
- Computer_associates unicenter_jasmine 3.0.0
- Computer_associates unicenter_management_for_lotus_notes/domino 4.0.0
- Computer_associates unicenter_management_for_microsoft_exchange 4.0.0
- Computer_associates unicenter_management_for_microsoft_exchange 4.1.0
- Computer_associates unicenter_management_for_weblogic 11.0.0
- Computer_associates unicenter_management_for_web_servers 5.0.0
- Computer_associates unicenter_management_for_web_servers 5.0.1
- Computer_associates unicenter_management_for_websphere 11.0.0
- Computer_associates unicenter_management_for_websphere_mq 3.5.0
- Computer_associates unicenter_management_portal 2.0.0
- Computer_associates unicenter_management_portal 3.1.0
- Computer_associates unicenter_mq_management 11.0.0
- Computer_associates unicenter_network_and_systems_management 3.0.0
- Computer_associates unicenter_network_and_systems_management 3.1.0
- Computer_associates unicenter_nsm_wireless_network_management_option 3.0.0
- Computer_associates unicenter_performance_management_for_openvms 2.4.0 SP3
- Computer_associates unicenter_rc/update 6.0.0
- Computer_associates unicenter_rc/update 6.1.0
- Computer_associates unicenter_remote_control 5.2.0
- Computer_associates unicenter_remote_control 6.0.0
- Computer_associates unicenter_remote_control 6.0.0 SP1
- Computer_associates unicenter_remote_control_english 6.0.0 SP1 (Build 6.0.77)
- Computer_associates unicenter_remote_control_english_ga 6.0.0 (6.0.56.3)
- Computer_associates unicenter_remote_control_english_qo48974 6.0.0 (Build 6.0.74)
- Computer_associates unicenter_remote_control_french 6.0.0 SP1 (Build 6.0.77)
- Computer_associates unicenter_remote_control_french_ga 6.0.0 (Build 6.0.74)
- Computer_associates unicenter_remote_control_german 6.0.0 SP1 (Build 6.0.77)
- Computer_associates unicenter_remote_control_german_ga 6.0.0 (Build 6.0.74)
- Computer_associates unicenter_remote_control_host 6.0.0
- Computer_associates unicenter_remote_control_option 5.0.0
- Computer_associates unicenter_remote_control_option 5.1.0
- Computer_associates unicenter_remote_control_option_german_version 5.1.0
- Computer_associates unicenter_service_catalog/fulfillment/accounting 11.0.0
- Computer_associates unicenter_service_delivery 11.0.0
- Computer_associates unicenter_service_desk 11.0.0
- Computer_associates unicenter_service_desk_knowledge_tools 11.0.0
- Computer_associates unicenter_service_fulfillment 11.0.0
- Computer_associates unicenter_service_fulfillment 2.2.0
- Computer_associates unicenter_service_level_management 11.0.0
- Computer_associates unicenter_service_level_management 3.0.0
- Computer_associates unicenter_service_level_management 3.0.1
- Computer_associates unicenter_service_level_management 3.0.2
- Computer_associates unicenter_service_level_management 3.5.0
- Computer_associates unicenter_service_matrix_analysis 11.0.0
- Computer_associates unicenter_serviceplus_service_desk 5.5.0
- Computer_associates unicenter_serviceplus_service_desk 5.5.1
- Computer_associates unicenter_serviceplus_service_desk 6.0.0
- Computer_associates unicenter_software_delivery 3.0.0
- Computer_associates unicenter_software_delivery 3.1.0
- Computer_associates unicenter_software_delivery 3.1.0 SP1
- Computer_associates unicenter_software_delivery 3.1.0 SP2
- Computer_associates unicenter_software_delivery 4.0.0
- Computer_associates unicenter_software_delivery 4.0.0 SP1
- Computer_associates unicenter_tng 2.1.0
- Computer_associates unicenter_tng 2.2.0
- Computer_associates unicenter_tng 2.4.0
- Computer_associates unicenter_tng 2.4.2
- Computer_associates unicenter_tng 2.5.0
- Computer_associates unicenter_tng_jpn 2.2.0
- Computer_associates unicenter_web_server_management 11.0.0
- Computer_associates vet_antivirus 10.66.0
- Computer_associates vet_antivirus 10.67.0
- Computer_associates vet_antivirus 11.9.1
References