製品・ソフトウェアに関する情報
Vulnerability Search
複数の CA 製品で使用される Message Queuing Server におけるスタックベースのバッファオーバーフローの脆弱性
Title 複数の CA 製品で使用される Message Queuing Server におけるスタックベースのバッファオーバーフローの脆弱性
Summary

CA Advantage Data Transport、eTrust Admin、特定の BrightStor 製品、特定の CleverPath および Unicenter 製品で使用される Computer Associates (CA) Message Queuing (CAM / CAFT) ソフトウェアの Message Queuing Server (Cam.exe) には、スタックベースのバッファオーバーフローの脆弱性が存在します。

Possible impacts 第三者により、TCP ポート 3104 への巧妙に細工されたメッセージを介して、任意のコードを実行される可能性があります。
Solution

ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date July 25, 2007, midnight
Registration Date June 26, 2012, 3:38 p.m.
Last Update June 26, 2012, 3:38 p.m.
CVSS2.0 : 危険
Score 9.3
Vector AV:N/AC:M/Au:N/C:C/I:C/A:C
Affected System
CA Technologies
brightstor portal 
brightstor san manager 
CA Advantage Data Transport 
cleverpath aion 
cleverpath ecm 
cleverpath olap 
cleverpath predictive analysis server 
etrust admin 
unicenter application performance monitor 
unicenter asset management 
unicenter data transport option 
unicenter enterprise job manager 
unicenter jasmine 
unicenter management 
unicenter network and systems management 
unicenter nsm wireless network management option 
unicenter remote control 
unicenter service level management 
Unicenter Software Delivery 
unicenter tng 
CVE (情報セキュリティ 共通脆弱性識別子)
ベンダー情報
Change Log
No Changed Details Date of change
0 [2012年06月26日]
  掲載		 Feb. 17, 2018, 10:37 a.m.
NVD Vulnerability Information
CVE-2007-0060
Summary

Stack-based buffer overflow in the Message Queuing Server (Cam.exe) in CA (formerly Computer Associates) Message Queuing (CAM / CAFT) software before 1.11 Build 54_4 on Windows and NetWare, as used in CA Advantage Data Transport, eTrust Admin, certain BrightStor products, certain CleverPath products, and certain Unicenter products, allows remote attackers to execute arbitrary code via a crafted message to TCP port 3104.

Publication Date July 26, 2007, 9:30 a.m.
Registration Date Jan. 29, 2021, 2:04 p.m.
Last Update April 15, 2021, 12:46 a.m.
Affected software configurations
Configuration1 or higher or less more than less than
cpe:2.3:a:broadcom:advantage_data_transport:3.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:brightstor_portal:11.1:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:brightstor_san_manager:11.1:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:brightstor_san_manager:11.5:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:cleverpath_aion:10.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:cleverpath_ecm:3.5:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:cleverpath_olap:5.1:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:cleverpath_predictive_analysis_server:2.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:cleverpath_predictive_analysis_server:3.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_admin:8.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:etrust_admin:8.1:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_application_performance_monitor:3.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_application_performance_monitor:3.5:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_asset_management:3.1:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_asset_management:3.2:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_asset_management:3.2:sp1:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_asset_management:3.2:sp2:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_asset_management:4.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_data_transport_option:2.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_jasmine:3.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.1:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_nsm_wireless_network_management_option:3.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_remote_control:6.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_remote_control:6.0:sp1:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_service_level_management:3.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_service_level_management:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_service_level_management:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_service_level_management:3.5:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_software_delivery:3.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_software_delivery:3.1:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_software_delivery:3.1:sp1:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_software_delivery:3.1:sp2:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_software_delivery:4.0:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_tng:2.1:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_tng:2.2:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_tng:2.4:*:*:*:*:*:*:*
cpe:2.3:a:broadcom:unicenter_tng:2.4.2:*:*:*:*:*:*:*
cpe:2.3:a:ca:etrust_admin:2.1:*:*:*:*:*:*:*
cpe:2.3:a:ca:etrust_admin:2.4:*:*:*:*:*:*:*
cpe:2.3:a:ca:etrust_admin:2.7:*:*:*:*:*:*:*
cpe:2.3:a:ca:etrust_admin:2.9:*:*:*:*:*:*:*
cpe:2.3:a:ca:unicenter_asset_management:4.0:sp1:*:*:*:*:*:*
cpe:2.3:a:ca:unicenter_enterprise_job_manager:1.0:sp1:*:*:*:*:*:*
cpe:2.3:a:ca:unicenter_enterprise_job_manager:1.0:sp2:*:*:*:*:*:*
cpe:2.3:a:ca:unicenter_management:4.0:*:lotus_notes_domino:*:*:*:*:*
cpe:2.3:a:ca:unicenter_management:4.0:*:microsoft_exchange:*:*:*:*:*
cpe:2.3:a:ca:unicenter_management:4.1:*:microsoft_exchange:*:*:*:*:*
cpe:2.3:a:ca:unicenter_management:5.0:*:web_servers:*:*:*:*:*
cpe:2.3:a:ca:unicenter_management:5.0.1:*:web_servers:*:*:*:*:*
cpe:2.3:a:ca:unicenter_software_delivery:4.0:sp1:*:*:*:*:*:*
cpe:2.3:a:ca:unicenter_tng:2.2:*:*:ja:*:*:*:*
Related information, measures and tools
Common Vulnerabilities List