Signature Detail

DB: Ingres Database uuid_from_char Overflow

This signature detects attempts to exploit a known vulnerability in the Ingres Database. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server, typically root.

Extended Description

Ingress Database Server included in CA eTrust Secure Content Manager is prone to multiple remote vulnerabilities, including multiple stack- and heap-based buffer-overflow issues, multiple pointer-overwrite issues, and an arbitrary-file-overwrite issue. Successful exploits will allow attackers to completely compromise affected computers, including executing arbitrary code with SYSTEM-level privileges and truncating the 'alarkp.def' file.

Affected Products

• Computer Associates Advantage Data Transformer 2.2.0
• Computer Associates AllFusion Enterprise Workbench 1.1
• Computer Associates AllFusion Enterprise Workbench 1.1 SP1
• Computer Associates AllFusion Enterprise Workbench 7
• Computer Associates AllFusion Enterprise Workbench 7.1
• Computer Associates AllFusion Harvest Change Manager 7
• Computer Associates AllFusion Harvest Change Manager 7.1
• Computer Associates ARCserve Backup for Laptops and Desktops 11.5
• Computer Associates BrightStor ARCServe Backup 11.1.0
• Computer Associates BrightStor ARCServe Backup 11.5
• Computer Associates BrightStor ARCServe Backup for Linux 11.1.0
• Computer Associates BrightStor ARCServe Backup for Linux 9.0.0
• Computer Associates BrightStor Enterprise Backup for AIX 10.5.0
• Computer Associates BrightStor Enterprise Backup for HP 10.5.0
• Computer Associates BrightStor Enterprise Backup for Solaris 10.5.0
• Computer Associates BrightStor Enterprise Backup for Tru64 10.5.0
• Computer Associates BrightStor Storage Command Center 11.5
• Computer Associates BrightStor Storage Resource Manager 11.5
• Computer Associates CCS 11
• Computer Associates CleverPath Aion BPM 10.1
• Computer Associates CleverPath Aion BRE 10.1
• Computer Associates CleverPath Predictive Analysis Server 3.0.0
• Computer Associates DocServer 1.1
• Computer Associates eTrust Admin 8.0.0
• Computer Associates eTrust Admin 8.1.0
• Computer Associates eTrust Admin 8.1 SP1
• Computer Associates eTrust Admin 8.1 SP2
• Computer Associates eTrust Audit R8
• Computer Associates eTrust Directory 8.1
• Computer Associates eTrust IAM Suite 8
• Computer Associates eTrust IAM Toolkit 8
• Computer Associates eTrust IAM Toolkit 8.1
• Computer Associates eTrust Identity Manager 8.1
• Computer Associates eTrust Network Forensics 8.1
• Computer Associates eTrust Secure Content Manager 8.0.0
• Computer Associates eTrust Single Sign-On 7
• Computer Associates eTrust Single Sign-On 8
• Computer Associates eTrust Single Sign-On 8.1
• Computer Associates eTrust Web Access Control 1.0
• Computer Associates Unicenter Advanced Systems Management 11
• Computer Associates Unicenter Asset Intelligence 11
• Computer Associates Unicenter Asset Management 11
• Computer Associates Unicenter Asset Portfolio Management 11.0.0
• Computer Associates Unicenter Asset Portfolio Management 11.2.1
• Computer Associates Unicenter Asset Portfolio Management 11.3
• Computer Associates Unicenter CA Web Services Distributed Management 3.11
• Computer Associates Unicenter CA Web Services Distributed Management 3.5
• Computer Associates Unicenter Database Command Center 11.1
• Computer Associates Unicenter Desktop and Server Management 11
• Computer Associates Unicenter Desktop Management Suite 11
• Computer Associates Unicenter Enterprise Job Manager 1.0 SP3
• Computer Associates Unicenter Enterprise Job Manager 1.0 SP4
• Computer Associates Unicenter Job Management Option 11.0
• Computer Associates Unicenter Lightweight Portal 2
• Computer Associates Unicenter Management Portal 3.1.1
• Computer Associates Unicenter Network and Systems Management 11
• Computer Associates Unicenter Network and Systems Management 3.0
• Computer Associates Unicenter Network and Systems Management 3.1
• Computer Associates Unicenter Patch Management 11
• Computer Associates Unicenter Remote Control 11
• Computer Associates Unicenter Remote Control 6.0.0
• Computer Associates Unicenter Service Assure 11
• Computer Associates Unicenter Service Assure 11.1
• Computer Associates Unicenter Service Assure 2.2
• Computer Associates Unicenter Service Catalog 11
• Computer Associates Unicenter Service Delivery 11.0.0
• Computer Associates Unicenter Service Delivery 11.1
• Computer Associates Unicenter Service Intelligence 11
• Computer Associates Unicenter Service Metric Analysis 11
• Computer Associates Unicenter Service Metric Analysis 11.1
• Computer Associates Unicenter Service Metric Analysis 3.0.2
• Computer Associates Unicenter Service Metric Analysis 3.5.0
• Computer Associates Unicenter ServicePlus Service Desk 11
• Computer Associates Unicenter ServicePlus Service Desk 11.1
• Computer Associates Unicenter ServicePlus Service Desk 11.2
• Computer Associates Unicenter ServicePlus Service Desk 5.5 SP3
• Computer Associates Unicenter ServicePlus Service Desk 6.0.0
• Computer Associates Unicenter ServicePlus Service Desk 6.0 SP1
• Computer Associates Unicenter Software Delivery 11
• Computer Associates Unicenter TNG 2.2.0
• Computer Associates Unicenter TNG 2.4.2
• Computer Associates Unicenter TNG 2.4.2J
• Computer Associates Unicenter Workload Control Center 1.0 SP4
• Computer Associates Unicenter Workload Control Center 1.0.SP4
• Computer Associates Wily SOA Manager 7.1
• Ingres Corporation Ingres Database 2.5
• Ingres Corporation Ingres Database 2.6
• Ingres Corporation Ingres Database 3.0.3
• Ingres Corporation Ingres Database 2006

References

• BugTraq: 24585
• CVE: CVE-2007-3338
• URL: http://www.ngssoftware.com/advisories/high-risk-vulnerability-in-ingres-stack-overflow/