CVE-2005-2668 (CNNVD-200508-250)
CRITICAL
有利用代码
中文标题:
CA Unicenter CAM 安全漏洞
英文标题:
Multiple buffer overflows in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before...
CVSS分数:
10.0
发布时间:
2005-08-23 04:00:00
漏洞类型:
其他
状态:
PUBLISHED
数据质量分数:
0.30
数据版本:
v4
漏洞描述
中文描述:
CA Unicenter Management Portal提供对企业管理信息的访问,提供个性化WEB接口等各种Unicenter管理解决方案。 CA Unicenter的CAM服务实现上存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞在主机上执行任意指令。通过向log_security()调用传递一个超长的参数,远程攻击者可以导致缓冲区溢出,精心构造的参数值可以使主机执行攻击者指定的任意指令。
英文描述:
Multiple buffer overflows in Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allow remote attackers to execute arbitrary code via unknown vectors.
CWE类型:
(暂无数据)
标签:
remote
windows_x86
Metasploit
OSVDB-18916
受影响产品
| 厂商 | 产品 | 版本 | 版本范围 | 平台 | CPE |
|---|---|---|---|---|---|
| broadcom | advantage_data_transport | 3.0 | - | - |
cpe:2.3:a:broadcom:advantage_data_transport:3.0:*:*:*:*:*:*:*
|
| broadcom | adviseit | 2.4 | - | - |
cpe:2.3:a:broadcom:adviseit:2.4:*:*:*:*:*:*:*
|
| broadcom | brightstor_portal | 11.1 | - | - |
cpe:2.3:a:broadcom:brightstor_portal:11.1:*:*:*:*:*:*:*
|
| broadcom | brightstor_san_manager | 1.1 | - | - |
cpe:2.3:a:broadcom:brightstor_san_manager:1.1:*:*:*:*:*:*:*
|
| broadcom | brightstor_san_manager | 11.1 | - | - |
cpe:2.3:a:broadcom:brightstor_san_manager:11.1:*:*:*:*:*:*:*
|
| broadcom | cleverpath_aion | 10.0 | - | - |
cpe:2.3:a:broadcom:cleverpath_aion:10.0:*:*:*:*:*:*:*
|
| broadcom | cleverpath_ecm | 3.5 | - | - |
cpe:2.3:a:broadcom:cleverpath_ecm:3.5:*:*:*:*:*:*:*
|
| broadcom | cleverpath_olap | 5.1 | - | - |
cpe:2.3:a:broadcom:cleverpath_olap:5.1:*:*:*:*:*:*:*
|
| broadcom | cleverpath_predictive_analysis_server | 2.0 | - | - |
cpe:2.3:a:broadcom:cleverpath_predictive_analysis_server:2.0:*:*:*:*:*:*:*
|
| broadcom | cleverpath_predictive_analysis_server | 3.0 | - | - |
cpe:2.3:a:broadcom:cleverpath_predictive_analysis_server:3.0:*:*:*:*:*:*:*
|
| broadcom | etrust_admin | 8.0 | - | - |
cpe:2.3:a:broadcom:etrust_admin:8.0:*:*:*:*:*:*:*
|
| broadcom | etrust_admin | 8.1 | - | - |
cpe:2.3:a:broadcom:etrust_admin:8.1:*:*:*:*:*:*:*
|
| broadcom | messaging | 1.5 | - | - |
cpe:2.3:a:broadcom:messaging:1.5:*:*:*:*:*:*:*
|
| broadcom | messaging | 1.7 | - | - |
cpe:2.3:a:broadcom:messaging:1.7:*:*:*:*:*:*:*
|
| broadcom | messaging | 1.11 | - | - |
cpe:2.3:a:broadcom:messaging:1.11:*:*:*:*:*:*:*
|
| broadcom | unicenter_application_performance_monitor | 3.0 | - | - |
cpe:2.3:a:broadcom:unicenter_application_performance_monitor:3.0:*:*:*:*:*:*:*
|
| broadcom | unicenter_application_performance_monitor | 3.5 | - | - |
cpe:2.3:a:broadcom:unicenter_application_performance_monitor:3.5:*:*:*:*:*:*:*
|
| broadcom | unicenter_asset_management | 3.1 | - | - |
cpe:2.3:a:broadcom:unicenter_asset_management:3.1:*:*:*:*:*:*:*
|
| broadcom | unicenter_asset_management | 3.2 | - | - |
cpe:2.3:a:broadcom:unicenter_asset_management:3.2:*:*:*:*:*:*:*
|
| broadcom | unicenter_asset_management | 4.0 | - | - |
cpe:2.3:a:broadcom:unicenter_asset_management:4.0:*:*:*:*:*:*:*
|
| broadcom | unicenter_data_transport_option | 2.0 | - | - |
cpe:2.3:a:broadcom:unicenter_data_transport_option:2.0:*:*:*:*:*:*:*
|
| broadcom | unicenter_jasmine | 3.0 | - | - |
cpe:2.3:a:broadcom:unicenter_jasmine:3.0:*:*:*:*:*:*:*
|
| broadcom | unicenter_management_portal | 2.0 | - | - |
cpe:2.3:a:broadcom:unicenter_management_portal:2.0:*:*:*:*:*:*:*
|
| broadcom | unicenter_management_portal | 3.1 | - | - |
cpe:2.3:a:broadcom:unicenter_management_portal:3.1:*:*:*:*:*:*:*
|
| broadcom | unicenter_network_and_systems_management | 3.0 | - | - |
cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.0:*:*:*:*:*:*:*
|
| broadcom | unicenter_network_and_systems_management | 3.1 | - | - |
cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.1:*:*:*:*:*:*:*
|
| broadcom | unicenter_nsm_wireless_network_management_option | 3.0 | - | - |
cpe:2.3:a:broadcom:unicenter_nsm_wireless_network_management_option:3.0:*:*:*:*:*:*:*
|
| broadcom | unicenter_performance_management | 2.4 | - | - |
cpe:2.3:a:broadcom:unicenter_performance_management:2.4:sp3:openvms:*:*:*:*:*
|
| broadcom | unicenter_remote_control | 6.0 | - | - |
cpe:2.3:a:broadcom:unicenter_remote_control:6.0:*:*:*:*:*:*:*
|
| broadcom | unicenter_service_level_management | 3.0 | - | - |
cpe:2.3:a:broadcom:unicenter_service_level_management:3.0:*:*:*:*:*:*:*
|
| broadcom | unicenter_service_level_management | 3.0.1 | - | - |
cpe:2.3:a:broadcom:unicenter_service_level_management:3.0.1:*:*:*:*:*:*:*
|
| broadcom | unicenter_service_level_management | 3.0.2 | - | - |
cpe:2.3:a:broadcom:unicenter_service_level_management:3.0.2:*:*:*:*:*:*:*
|
| broadcom | unicenter_service_level_management | 3.5 | - | - |
cpe:2.3:a:broadcom:unicenter_service_level_management:3.5:*:*:*:*:*:*:*
|
| broadcom | unicenter_software_delivery | 3.0 | - | - |
cpe:2.3:a:broadcom:unicenter_software_delivery:3.0:*:*:*:*:*:*:*
|
| broadcom | unicenter_software_delivery | 3.1 | - | - |
cpe:2.3:a:broadcom:unicenter_software_delivery:3.1:*:*:*:*:*:*:*
|
| broadcom | unicenter_software_delivery | 4.0 | - | - |
cpe:2.3:a:broadcom:unicenter_software_delivery:4.0:*:*:*:*:*:*:*
|
| broadcom | unicenter_tng | 2.1 | - | - |
cpe:2.3:a:broadcom:unicenter_tng:2.1:*:*:*:*:*:*:*
|
| broadcom | unicenter_tng | 2.2 | - | - |
cpe:2.3:a:broadcom:unicenter_tng:2.2:*:*:*:*:*:*:*
|
| broadcom | unicenter_tng | 2.4 | - | - |
cpe:2.3:a:broadcom:unicenter_tng:2.4:*:*:*:*:*:*:*
|
| broadcom | unicenter_tng | 2.4.2 | - | - |
cpe:2.3:a:broadcom:unicenter_tng:2.4.2:*:*:*:*:*:*:*
|
| ca | etrust_admin | 2.1 | - | - |
cpe:2.3:a:ca:etrust_admin:2.1:*:*:*:*:*:*:*
|
| ca | etrust_admin | 2.4 | - | - |
cpe:2.3:a:ca:etrust_admin:2.4:*:*:*:*:*:*:*
|
| ca | etrust_admin | 2.7 | - | - |
cpe:2.3:a:ca:etrust_admin:2.7:*:*:*:*:*:*:*
|
| ca | etrust_admin | 2.9 | - | - |
cpe:2.3:a:ca:etrust_admin:2.9:*:*:*:*:*:*:*
|
| ca | unicenter_asset_management | 4.0 | - | - |
cpe:2.3:a:ca:unicenter_asset_management:4.0:sp1:*:*:*:*:*:*
|
| ca | unicenter_enterprise_job_manager | 1.0 | - | - |
cpe:2.3:a:ca:unicenter_enterprise_job_manager:1.0:sp1:*:*:*:*:*:*
|
| ca | unicenter_management | 3.5 | - | - |
cpe:2.3:a:ca:unicenter_management:3.5:*:websphere_mq:*:*:*:*:*
|
| ca | unicenter_management | 4.0 | - | - |
cpe:2.3:a:ca:unicenter_management:4.0:*:lotus_notes_domino:*:*:*:*:*
|
| ca | unicenter_management | 4.1 | - | - |
cpe:2.3:a:ca:unicenter_management:4.1:*:microsoft_exchange:*:*:*:*:*
|
| ca | unicenter_management | 5.0 | - | - |
cpe:2.3:a:ca:unicenter_management:5.0:*:web_servers:*:*:*:*:*
|
| ca | unicenter_management | 5.0.1 | - | - |
cpe:2.3:a:ca:unicenter_management:5.0.1:*:web_servers:*:*:*:*:*
|
| ca | unicenter_software_delivery | 4.0 | - | - |
cpe:2.3:a:ca:unicenter_software_delivery:4.0:sp1:*:*:*:*:*:*
|
| ca | unicenter_tng | 2.2 | - | - |
cpe:2.3:a:ca:unicenter_tng:2.2:*:*:ja:*:*:*:*
|
解决方案
中文解决方案:
(暂无数据)
英文解决方案:
(暂无数据)
临时解决方案:
(暂无数据)
参考链接
14622
vdb-entry
cve.org
访问
cve.org
无标题
x_refsource_MISC
cve.org
访问
cve.org
18916
vdb-entry
cve.org
访问
cve.org
无标题
x_refsource_CONFIRM
cve.org
访问
cve.org
16513
third-party-advisory
cve.org
访问
cve.org
VU#619988
third-party-advisory
cve.org
访问
cve.org
ADV-2005-1482
vdb-entry
cve.org
访问
cve.org
ExploitDB EDB-16825
EXPLOIT
exploitdb
访问
exploitdb
Download Exploit EDB-16825
EXPLOIT
exploitdb
访问
exploitdb
CVE Reference: CVE-2005-2668
ADVISORY
cve.org
访问
cve.org
CVSS评分详情
10.0
CRITICAL
CVSS向量:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS版本:
2.0
机密性
COMPLETE
完整性
COMPLETE
可用性
COMPLETE
时间信息
发布时间:
2005-08-23 04:00:00
修改时间:
2024-08-07 22:45:01
创建时间:
2025-11-11 15:32:27
更新时间:
2025-11-11 16:11:15
利用信息
此漏洞有可利用代码!
利用代码数量:
1
利用来源:
未知
数据源详情
| 数据源 | 记录ID | 版本 | 提取时间 |
|---|---|---|---|
| CVE | cve_CVE-2005-2668 |
2025-11-11 15:17:35 | 2025-11-11 07:32:27 |
| NVD | nvd_CVE-2005-2668 |
2025-11-11 14:51:19 | 2025-11-11 07:41:13 |
| CNNVD | cnnvd_CNNVD-200508-250 |
2025-11-11 15:08:48 | 2025-11-11 07:49:00 |
| EXPLOITDB | exploitdb_EDB-16825 |
2025-11-11 15:05:59 | 2025-11-11 08:11:15 |
版本与语言
当前版本:
v4
主要语言:
EN
支持语言:
EN
ZH
其他标识符:
:
:
安全公告
暂无安全公告信息
变更历史
v4
EXPLOITDB
2025-11-11 16:11:15
references_count: 7 → 10; tags_count: 0 → 4; data_sources: ['cnnvd', 'cve', 'nvd'] → ['cnnvd', 'cve', 'exploitdb', 'nvd']
查看详细变更
- references_count: 7 -> 10
- tags_count: 0 -> 4
- data_sources: ['cnnvd', 'cve', 'nvd'] -> ['cnnvd', 'cve', 'exploitdb', 'nvd']
v3
CNNVD
2025-11-11 15:49:00
vulnerability_type: 未提取 → 其他; cnnvd_id: 未提取 → CNNVD-200508-250; data_sources: ['cve', 'nvd'] → ['cnnvd', 'cve', 'nvd']
查看详细变更
- vulnerability_type: 未提取 -> 其他
- cnnvd_id: 未提取 -> CNNVD-200508-250
- data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
v2
NVD
2025-11-11 15:41:13
severity: SeverityLevel.MEDIUM → SeverityLevel.CRITICAL; cvss_score: 未提取 → 10.0; cvss_vector: NOT_EXTRACTED → AV:N/AC:L/Au:N/C:C/I:C/A:C; cvss_version: NOT_EXTRACTED → 2.0; affected_products_count: 0 → 53; data_sources: ['cve'] → ['cve', 'nvd']
查看详细变更
- severity: SeverityLevel.MEDIUM -> SeverityLevel.CRITICAL
- cvss_score: 未提取 -> 10.0
- cvss_vector: NOT_EXTRACTED -> AV:N/AC:L/Au:N/C:C/I:C/A:C
- cvss_version: NOT_EXTRACTED -> 2.0
- affected_products_count: 0 -> 53
- data_sources: ['cve'] -> ['cve', 'nvd']