mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 17:21:36 +00:00
386 lines
15 KiB
JSON
386 lines
15 KiB
JSON
{
|
|
"id": "CVE-2007-0060",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2007-07-26T00:30:00.000",
|
|
"lastModified": "2021-04-14T15:46:28.003",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Stack-based buffer overflow in the Message Queuing Server (Cam.exe) in CA (formerly Computer Associates) Message Queuing (CAM / CAFT) software before 1.11 Build 54_4 on Windows and NetWare, as used in CA Advantage Data Transport, eTrust Admin, certain BrightStor products, certain CleverPath products, and certain Unicenter products, allows remote attackers to execute arbitrary code via a crafted message to TCP port 3104."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Desbordamiento de b\u00fafer basado en pila en Message Queuing Server (Cam.exe) en CA (formalmente Computer Associates) Message Queuing (CAM / CAFT) software anterior a 1.11 construccion 54_4 sobre Windows y NetWare, utilizado en CA Advantage Data Transport, eTrust Admin, ciertos productos BrightStor, ciertos productos CleverPath, y ciertos productos Unicenter, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un mensaje manipulado en el puerto TCP 3104."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "COMPLETE",
|
|
"integrityImpact": "COMPLETE",
|
|
"availabilityImpact": "COMPLETE",
|
|
"baseScore": 9.3
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 10.0,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": true,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVD-CWE-Other"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:advantage_data_transport:3.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "27A14CFE-F64B-478F-938F-9BFABDC1519E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:brightstor_portal:11.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7F206D15-FF0D-400E-9727-5DA6C07B57EC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:brightstor_san_manager:11.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FA67A49C-688A-4B6E-8B90-BEC937FCEE20"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:brightstor_san_manager:11.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FFD847AD-8AD1-40C1-9582-CC234D900CEE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:cleverpath_aion:10.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "076561DB-925A-41BA-A444-D4484FA87227"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:cleverpath_ecm:3.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E3FE1453-0ECA-459B-8F23-776DF90617D6"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:cleverpath_olap:5.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "50055C0C-3B7E-452D-A5FC-C618D0CC61B0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:cleverpath_predictive_analysis_server:2.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D1D4FBE7-1B60-49AE-B5CD-FA1783454D75"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:cleverpath_predictive_analysis_server:3.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FE46A9BF-C703-4A90-98A4-0211E909DFC1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:etrust_admin:8.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C03E1D5A-61EC-4B9E-96B1-69015D9210F5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:etrust_admin:8.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "08594EFB-E04B-42E8-BE00-C3ACDB62BA4C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:unicenter_application_performance_monitor:3.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F6256DDC-50D7-489F-A04D-763AC41E6711"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:unicenter_application_performance_monitor:3.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9AD68320-7B1C-4651-ADA3-FD6AB599D375"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:unicenter_asset_management:3.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C9FDBE82-E553-4504-A347-9C181B9B59FA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:unicenter_asset_management:3.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3A600F40-3E4D-4976-B82B-D7005CC4605C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:unicenter_asset_management:3.2:sp1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3696554E-AC8B-4028-81EA-A5BF9D7026EC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:unicenter_asset_management:3.2:sp2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AE772B0B-9B5A-4768-B3F5-D6195ACE90AE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:unicenter_asset_management:4.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "358E054A-2298-486B-88A4-44AB6864904E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:unicenter_data_transport_option:2.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9EC742EE-03C6-4BDC-AEF8-03609D6498E2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:unicenter_jasmine:3.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EBFCD53C-9536-4A62-B5A5-DAA8FFCA611F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CE9C8A1C-0A55-4CA5-9BB6-2D03EFCFE699"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:unicenter_network_and_systems_management:3.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2EFA39E3-A614-4A64-B29C-86D6F12F1557"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:unicenter_nsm_wireless_network_management_option:3.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AB83D7E3-D798-45C5-BCC5-805B56D87CB5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:unicenter_remote_control:6.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "53C2C33D-8403-4C75-8A52-713393FE408F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:unicenter_remote_control:6.0:sp1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D293FB82-D21B-4BDD-A511-B994B557032A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:unicenter_service_level_management:3.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "90FF8920-8E4E-4369-96A8-954ECC05D0A1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:unicenter_service_level_management:3.0.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "173467CF-3871-49BA-B54A-27BA492F8433"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:unicenter_service_level_management:3.0.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B6AE0157-B6C9-4112-A3A6-5B040B19D4FF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:unicenter_service_level_management:3.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B7D03F79-22E5-49A3-AB05-14F8EDB04D51"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:unicenter_software_delivery:3.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6BAB1CA3-B423-4656-9532-29D02917C2BA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:unicenter_software_delivery:3.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7352EEC1-8FA1-431F-9A92-B0AA8B17F2E0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:unicenter_software_delivery:3.1:sp1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "52933E5F-06B7-45E2-B8E5-9B25351E67A7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:unicenter_software_delivery:3.1:sp2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8A5FFBD6-2820-43D6-B945-FBFD6F6CFD72"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:unicenter_software_delivery:4.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E17048CC-F3C9-47BC-87DE-4D431BC7E1C2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:unicenter_tng:2.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2799F9BF-4C19-4268-AE41-03E9D1994CCD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:unicenter_tng:2.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2AA4FB17-296A-4D26-9491-B7C151C45235"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:unicenter_tng:2.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D2C5704D-3337-4351-872B-AF987DC39BC5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:broadcom:unicenter_tng:2.4.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6EFF2305-24CF-48F7-841E-63400CF25B48"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ca:etrust_admin:2.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "96FE3512-D29B-4392-8DF8-B3B3A1F521BD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ca:etrust_admin:2.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9798A112-CE4D-435D-B80D-E4A4C7209A94"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ca:etrust_admin:2.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "541D4956-3E82-4FA7-B18A-37D383D987A2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ca:etrust_admin:2.9:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E836C2F1-2E93-4D4B-B0C3-3264762B26BA"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ca:unicenter_asset_management:4.0:sp1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "18F48B87-E943-4915-83D2-5F08BD6D1825"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ca:unicenter_enterprise_job_manager:1.0:sp1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B42FDB59-00C8-4D6A-B6F0-C880E9C3F1D9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ca:unicenter_enterprise_job_manager:1.0:sp2:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3A07DB6F-666C-4D87-9F7A-B17BE7454E4F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ca:unicenter_management:4.0:*:lotus_notes_domino:*:*:*:*:*",
|
|
"matchCriteriaId": "DA6C17EE-38A9-4E8E-92E3-14D57E4BB546"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ca:unicenter_management:4.0:*:microsoft_exchange:*:*:*:*:*",
|
|
"matchCriteriaId": "A4F96A84-A69D-4017-A27D-09C7B95BA696"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ca:unicenter_management:4.1:*:microsoft_exchange:*:*:*:*:*",
|
|
"matchCriteriaId": "7FAD2FF7-1878-49F7-8F44-4E7DC4471F49"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ca:unicenter_management:5.0:*:web_servers:*:*:*:*:*",
|
|
"matchCriteriaId": "62B98B62-F00C-4F3E-B891-18AD04A37725"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ca:unicenter_management:5.0.1:*:web_servers:*:*:*:*:*",
|
|
"matchCriteriaId": "15726391-DF79-4EDE-AE6E-9D7B7E0EB654"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ca:unicenter_software_delivery:4.0:sp1:*:*:*:*:*:*",
|
|
"matchCriteriaId": "16C98B61-52A4-4A67-BABA-B83AF6C7851C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ca:unicenter_tng:2.2:*:*:ja:*:*:*:*",
|
|
"matchCriteriaId": "24BF5923-42E7-403E-81F0-D3136C58ECE8"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://supportconnectw.ca.com/public/dto_transportit/infodocs/camsgquevul-secnot.asp",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=149809",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.iss.net/threats/272.html",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Broken Link"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/1/474602/100/0/threaded",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/25051",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory",
|
|
"VDB Entry"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.securitytracker.com/id?1018449",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory",
|
|
"VDB Entry"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.vupen.com/english/advisories/2007/2638",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32234",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory",
|
|
"VDB Entry"
|
|
]
|
|
}
|
|
]
|
|
} |