Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2005-2668

4 documents4 sources

Severity

10.0CRITICAL

EPSS

82.9%

top 0.75%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Broadcom Advantage Data Transport Broadcom Adviseit Broadcom Brightstor Portal +25 more

Timeline

PublishedAug 23

Latest updateMay 1

Description

Multiple buffer overflows in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allow remote attackers to execute arbitrary code via unknown vectors.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages28 packages

▶NVDbroadcom/unicenter_remote_control6.0

▶NVDca/etrust_admin4 versions+3

▶NVDca/unicenter_tng2.2

▶NVDbroadcom/adviseit2.4

▶NVDbroadcom/messaging1.11, 1.5, 1.7+2

Patches

Patch: www.securityfocus.com ↗Patch: www3.ca.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-6vjm-hq64-q4jw: Multiple buffer overflows in Computer Associates (CA) Message Queuing (CAM / CAFT) 1↗2022-05-01

▶

CVEList

CVE-2005-2668: Multiple buffer overflows in Computer Associates (CA) Message Queuing (CAM / CAFT) 1↗2005-08-23

▶

💥Exploits & PoCs

Exploit-DB

CA CAM (Windows x86) - 'log_security()' Remote Stack Buffer Overflow (Metasploit)↗2010-09-20

▶