Computer Associates has an announcement concerning an "iGateway debug mode HTTP GET request buffer overflow vulnerability" that says "Remote attackers can execute arbitrary code." Exploit code is publicly available. Their is no patch available at this moment, the recommended workaround is "do not run iGateway in debug mode." Computer Associates announcement references CA iGateway 3.0, and CA iGateway 4.0.
|
Patrick 193 Posts Oct 11th 2005 |
Thread locked Subscribe |
Oct 11th 2005 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!