Intrusion Prevention

CA.Unicenter.Message.Queuing.Segments.Buffer.Overflow

Description

This vulnerability affects various Computer Associates products related to the CA Message Queuing software. The CAM port (port 4105/tcp) is vulnerable to a buffer overflow that can be used to cause Denial of Service or to execute arbitrary code leading to system compromise. This is due to the application's failure to properly handle an overly long parameter passed to the "log_security()" function.

Impact

System compromise, remote code execution, Denial of Service.

Affected Products

Affects the following versions of the CA Message Queuing software:
v1.07 - all builds prior to 220_13
v1.07 - builds 230 & 231
v1.11 - all builds prior to 29_13
Affected products:
AdviseIT 2.4
Advantage Data Transport 3.0
BrightStor SAN Manager 1.1, 1.1 SP1, 1.1 SP2, 11.1
BrightStor Portal 11.1
CleverPath OLAP 5.1
CleverPath ECM 3.5
CleverPath Predictive Analysis Server 3.0
eTrust Admin 2.01, 2.04, 2.07, 2.09, 8.0, 8.1
Unicenter Performance Management for OpenVMS r2.4 SP3
Unicenter Application Performance Monitor 3.0, 3.5
Unicenter Asset Management 3.1, 3.2, 3.2 SP1, 3.2 SP2, 4.0, 4.0 SP1
Unicenter Data Transport Option 2.0
Unicenter Enterprise Job Manager 1.0 SP1, 1.0 SP2
Unicenter Jasmine 3.0
Unicenter Management for WebSphere MQ 3.5
Unicenter Management for Microsoft Exchange 4.0, 4.1
Unicenter Management for Lotus Notes/Domino 4.0
Unicenter Management for Web Servers 5, 5.0.1
Unicenter NSM 3.0, 3.1
Unicenter NSM Wireless Network Management Option 3.0
Unicenter Remote Control 6.0, 6.0 SP1
Unicenter Service Level Management 3.0, 3.0.1, 3.0.2, 3.5
Unicenter Software Delivery 3.0, 3.1, 3.1 SP1, 3.1 SP2, 4.0, 4.0 SP1
Unicenter TNG 2.1, 2.2, 2.4, 2.4.2
Unicenter TNG JPN 2.2

Recommended Actions

Patch according to vendor advisory:
http://supportconnectw.ca.com/public/ca_common_docs/camsecurity_notice.asp

CVE References

CVE-2005-2668