Vulnerability Scanning Solutions, LLC.
What We Scan For
Family: Gain root remotely --> Category: infos

iTechnology iGateway Content-Length Buffer Overflow Vulnerability Scan

Vulnerability Scan Summary
Checks for Content-Length buffer overflow vulnerability in iTechnology iGateway

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote web server is affected by a buffer overflow vulnerability.

Description :

The remote host is using Computer Associates iTechnology iGateway
service, a software component used in various products from Computer

The version of the iGateway service installed on the remote host
reportedly fails to sanitize Content-Length HTTP header values before
using them to allocate heap memory. An attacker can supply a negative
value, which causes the software to allocate a small buffer, and then
overflow that with a long URI. Successful exploitation of this issue
can lead to a server crash or possibly the execution of arbitrary
code. Note that, under Windows, the server runs with local SYSTEM


Solution :

Contact the vendor to upgrade to iGateway 4.0.051230 or later.

Threat Level:

Critical / CVSS Base Score : 10
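
The description attributes the flaw to a Content-Length value that is used to size a heap allocation without validation. The C code below is an added example, not iGateway or vendor code, showing the kind of strict check that rejects negative, malformed and oversized values before any allocation; `parse_content_length`, `alloc_body` and the 1 MiB `MAX_BODY_BYTES` cap are hypothetical names and values chosen for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

#define MAX_BODY_BYTES (1024u * 1024u)  /* assumed policy cap, not a vendor value */

/* Strictly parse a Content-Length value: ASCII digits only, no sign,
 * no trailing junk, no overflow, and no larger than max.
 * Returns 0 and stores the length in *out on success, -1 on rejection. */
int parse_content_length(const char *value, size_t max, size_t *out)
{
    if (value == NULL || out == NULL)
        return -1;
    while (*value == ' ' || *value == '\t')    /* optional leading whitespace */
        value++;
    /* strtoull() accepts "-1" and wraps it to a huge value, so reject signs. */
    if (*value < '0' || *value > '9')
        return -1;
    errno = 0;
    char *end = NULL;
    unsigned long long n = strtoull(value, &end, 10);
    if (errno == ERANGE || n > (unsigned long long)max)
        return -1;
    while (*end == ' ' || *end == '\t')        /* optional trailing whitespace */
        end++;
    if (*end != '\0')                          /* e.g. "12 junk" */
        return -1;
    *out = (size_t)n;
    return 0;
}

/* Allocate a request-body buffer only after the header value validates.
 * Returns NULL when the header is rejected or the allocation fails. */
unsigned char *alloc_body(const char *header_value, size_t *len)
{
    if (parse_content_length(header_value, MAX_BODY_BYTES, len) != 0)
        return NULL;
    return calloc(*len + 1, 1);  /* +1 cannot wrap: *len <= MAX_BODY_BYTES */
}

int main(void)
{
    const char *samples[] = { "128", "-1", "+5", "4294967296", "12 junk", "" };  /* constructed */
    size_t len = 0;
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-12s -> %s\n", samples[i],
               parse_content_length(samples[i], MAX_BODY_BYTES, &len) == 0 ? "accepted" : "rejected");
    return 0;
}
```

Any code that later copies request data into the buffer still has to bound the copy by the validated length, not by the size of the incoming data.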



P.O. Box 827051

Pembroke Pines, FL 33082-7051
