CA iGateway debug mode HTTP GET request bo vulnerability/exploit

Published: 2005-10-11
Last Updated: 2005-10-11 10:28:31 UTC
by Patrick Nolan (Version: 1)
0 comment(s)
Computer Associates has an announcement concerning an "iGateway debug mode HTTP GET request buffer overflow vulnerability" that says "Remote attackers can execute arbitrary code." Exploit code is publicly available. Their is no patch available at this moment, the recommended workaround is "do not run iGateway in debug mode." Computer Associates announcement references CA iGateway 3.0, and CA iGateway 4.0.
0 comment(s)


Diary Archives