CA.License.Client.PUTOLF.Vuln

Description

This indicates a possible attempt to exploit a buffer overflow and directory traversal vulnerability in the Computer Associates License software.
The Computer Associates License Management software is designed to remotely manage and track licenses of CA products. A buffer overflow and a directory traversal vulnerability have been reported in it that may allow an attacker to execute arbitrary code on the vulnerable system. Both are due to the application's failure to sanitize the filename length and path in a PUTOLF request. To exploit the buffer overflow, an attacker may send a specially crafted PUTOLF request containing a filename of more than 256 characters and execute arbitrary code on the system. Similarly, an attacker may craft a name containing "../../.." in a PUTOLF request to write arbitrary files on the system.
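The two checks the description says are missing, written as an added example (not CA's code and not part of the original advisory). The 256-character limit comes from the description; the function name `olf_check_name`, the status codes and the rejected character set are assumptions.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumption: the limit mirrors the advisory's 256-character threshold. */
#define OLF_NAME_MAX 256

enum olf_status { OLF_OK, OLF_EMPTY, OLF_TOO_LONG, OLF_BAD_CHAR, OLF_TRAVERSAL };

/* Hypothetical helper: validate a client-supplied file name (len bytes, not
 * necessarily NUL-terminated) and copy it to out only if it is a plain name. */
enum olf_status olf_check_name(const char *name, size_t len,
                               char *out, size_t outsz)
{
    if (out != NULL && outsz > 0)
        out[0] = '\0';                     /* no stale data on failure */
    if (name == NULL || len == 0)
        return OLF_EMPTY;
    /* Bound the length against both the policy limit and the real
     * destination size before any byte is copied. */
    if (out == NULL || len > OLF_NAME_MAX || len >= outsz)
        return OLF_TOO_LONG;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)name[i];
        if (c < 0x20 || c == 0x7f)         /* NUL and control bytes */
            return OLF_BAD_CHAR;
        if (c == '/' || c == '\\' || c == ':')  /* separators, drive prefix */
            return OLF_TRAVERSAL;
    }
    /* With separators rejected, "." and ".." are the only names left that
     * do not denote a file inside the target directory. */
    if ((len == 1 && name[0] == '.') ||
        (len == 2 && name[0] == '.' && name[1] == '.'))
        return OLF_TRAVERSAL;
    memcpy(out, name, len);
    out[len] = '\0';
    return OLF_OK;
}

int main(void)
{
    char buf[OLF_NAME_MAX + 1];
    const char *samples[] = { "ca.olf", "../../../x", ".." }; /* constructed */
    for (size_t i = 0; i < 3; i++)
        printf("%-12s -> %d\n", samples[i],
               (int)olf_check_name(samples[i], strlen(samples[i]), buf, sizeof buf));
    return 0;
}
```

Rejecting every separator, rather than stripping "../" sequences, avoids the case where removal leaves a new traversal sequence behind.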

Affected Products

Computer Associates License 1.61.8 and earlier versions.

Impact

Full compromise of the affected system.

Recommended Actions

Upgrade to Computer Associates License 1.61.9 or a later version.

Coverage

IPS (Regular DB)
IPS (Extended DB)
