October 2005
Computer Associates - iGateway debug mode HTTP GET request buffer overflow vulnerability
ID: 00899
Ref: 839/05
Date: 12 October 2005:16:53:23
Version: 1
Title: Computer Associates - iGateway debug mode HTTP GET request buffer overflow vulnerability
Abstract: Computer Associates iGateway contains a buffer overflow vulnerability that may allow remote attackers to execute arbitrary code. The vulnerability is due to improper bounds checking of HTTP GET requests by iGateway when debug mode is enabled.
Vendors affected: Computer Associates
Applications affected: Computer Associates
Title
=====
Computer Associates - iGateway debug mode HTTP GET request buffer overflow vulnerability
Detail
======
Computer Associates have published a document that explains a buffer overflow in
iGateway. The following is an extract from the document:
"Computer Associates iGateway contains a buffer overflow vulnerability that may
allow remote attackers to execute arbitrary code. The vulnerability is due to
improper bounds checking of HTTP GET requests by iGateway when debug mode is enabled.
Remote attackers can exploit this vulnerability to cause an overflow and execute
arbitrary code. Note: the vulnerability exists in versions of 3.0 and 4.0 made
prior to June 23, 2005."
According to the Internet Storm Center (http://isc.sans.org/diary.php?storyid=743),
exploit code for the vulnerability has been published on the Internet.
The full document can be viewed at the following URL:
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33485
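The advisory does not publish the affected code. As an added illustration of the bug class it names (a debug-mode path that handles an HTTP GET request without bounds checking), the following C example is constructed for this page and is not Computer Associates' code; `debug_log_get`, `MAX_URI_LEN` and `DEBUG_LINE_MAX` are hypothetical names and limits chosen for the example.

```c
#include <stdio.h>
#include <string.h>

#define MAX_URI_LEN    2048  /* assumed policy limit on the request URI */
#define DEBUG_LINE_MAX 256   /* assumed size of the debug log buffer */

/* Unsafe pattern this guards against: a debug path that formats the
 * client-supplied URI into a fixed buffer with no length check, e.g.
 *     char line[DEBUG_LINE_MAX];
 *     sprintf(line, "DEBUG GET %s", uri);
 */

/* Hardened form. Returns an HTTP-style status: 200 accepted, 400 malformed,
 * 414 URI too long. On 200, out holds a NUL-terminated debug line that is
 * truncated to out_len - 1 bytes if the URI does not fit. */
int debug_log_get(const char *req, size_t req_len, char *out, size_t out_len)
{
    static const char method[] = "GET ";
    const size_t mlen = sizeof(method) - 1;

    if (req == NULL || out == NULL || out_len == 0) return 400;
    out[0] = '\0';
    if (req_len <= mlen || memcmp(req, method, mlen) != 0) return 400;

    /* The URI ends at the next space; search only inside the received bytes. */
    const char *uri = req + mlen;
    const char *end = memchr(uri, ' ', req_len - mlen);
    if (end == NULL || end == uri) return 400;
    size_t uri_len = (size_t)(end - uri);
    if (uri_len > MAX_URI_LEN) return 414;  /* reject before any copy */

    /* %.*s bounds the read from req; snprintf bounds the write to out. */
    int n = snprintf(out, out_len, "DEBUG GET %.*s", (int)uri_len, uri);
    if (n < 0) { out[0] = '\0'; return 400; }
    return 200;
}

int main(void)
{
    /* Constructed sample request line, not captured traffic. */
    const char *req = "GET /index.html HTTP/1.0";
    char line[DEBUG_LINE_MAX];
    int status = debug_log_get(req, strlen(req), line, sizeof line);
    printf("%d %s\n", status, line);
    return 0;
}
```

The length gate and the bounded write are independent controls: the first rejects oversized requests outright, the second keeps the debug buffer intact even for requests the gate accepts.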