SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   Unicenter TNG Vendors:   CA
Computer Associates Unicenter TNG Stack Overflows Let Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1009425
SecurityTracker URL:  http://securitytracker.com/id/1009425
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Mar 15 2004
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 2.4
Description:   Some buffer overflow vulnerabilities were reported in Computer Associates Unicenter TNG. A remote user can execute arbitrary code on the target system.

Immunity reported that that 'cam.exe' and 'awservices.exe' contain exploitable stack overflow flaws. The report indicated that other TNG services may also be affected.

Impact:   A remote user can execute arbitrary code on the target system.
Solution:   The vendor has reportedly fixed the flaws in TNG 2.5.
Vendor URL:  support.ca.com/tngsupp.html (Links to External Site)
Cause:   Boundary error
Underlying OS:  Windows (Any)

Message History:   None.


 Source Message Contents

Subject:  www.immunitysec.com/downloads/awservices.sxw.pdf


Immunity released an advisory announcing some stack overflow vulnerabilities in Computer 
Associates Unicenter TNG Utilities (TNG version 2.4).

The report stated that cam.exe and awservices.exe are affected and that other services may 
also be affected.

The vendor has reportedly fixed the flaws in TNG 2.5.




 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC