Rapid7 Vulnerability & Exploit Database

Computer Associates iTechnology iGateway Service HTTP Content-Length Buffer Overflow

Back to Search

Computer Associates iTechnology iGateway Service HTTP Content-Length Buffer Overflow

Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
01/23/2006
Created
07/25/2018
Added
02/26/2008
Modified
02/13/2015

Description

The Computer Associates iGateway service is an HTTP service typically integrated with several commercial products, usually listening on port 5250 for encrypted and unencrypted HTTP requests. iGateway does not properly sanitize the user-supplied Content-Length header, resulting in a heap buffer overflow if an invalid (negative) value is used. An attacker could specify a malicious URI and Content-Length field in an unauthenticated request to the iGateway service to write to any data to arbitrary program memory locations. Since the iGateway service typically runs under SYSTEM level access, complete system compromise is possible.

Solution(s)

  • patch-http-ca-igateway-content-length-bof

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;