Computer Associates License Application Multiple Vulnerabilities

Computer Associates License Application Multiple Vulnerabilities

The directory traversal vulnerability does not require an exploit.

Two exploits (calicserv_getconfig.pm and calicclnt_getconfig.pm) as part of the Metasploit Framework have been released. These exploits target the GETCONFIG request buffer overflow vulnerability in the client and server.

The exploit 'CALicenseBOExplClass101.cpp' has been released for the buffer overflow in the client application.

/data/vulnerabilities/exploits/calicserv_getconfig.pm
/data/vulnerabilities/exploits/calicclnt_getconfig.pm
/data/vulnerabilities/exploits/CALicenseBOExplClass101.cpp