CVE-2005-2669
UnknownEPSS 7.31%
Last modified
CVE-2005-2669 is a vulnerability of currently unknown severity. Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allows remote attackers to execute arbitrary commands via spoofed CAFT packets.. EPSS estimates a 7.31% chance of exploitation in the next 30 days.
Description
Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allows remote attackers to execute arbitrary commands via spoofed CAFT packets.
Metrics
Affected Software
| Vendor | Product | Versions | Update |
|---|---|---|---|
| Broadcom | Advantage Data Transport | 3.0 | — |
| Broadcom | Adviseit | 2.4 | — |
| Broadcom | Brightstor Portal | 11.1 | — |
| Broadcom | Brightstor San Manager | 1.1 | — |
| Broadcom | Brightstor San Manager | 11.1 | — |
| Broadcom | Cleverpath Aion | 10.0 | — |
| Broadcom | Cleverpath Ecm | 3.5 | — |
| Broadcom | Cleverpath Olap | 5.1 | — |
| Broadcom | Cleverpath Predictive Analysis Server | 2.0 | — |
| Broadcom | Cleverpath Predictive Analysis Server | 3.0 | — |
| Broadcom | Etrust Admin | 8.0 | — |
| Broadcom | Etrust Admin | 8.1 | — |
| Broadcom | Messaging | 1.5 | — |
| Broadcom | Messaging | 1.7 | — |
| Broadcom | Messaging | 1.11 | — |
| Broadcom | Unicenter Application Performance Monitor | 3.0 | — |
| Broadcom | Unicenter Application Performance Monitor | 3.5 | — |
| Broadcom | Unicenter Asset Management | 3.1 | — |
| Broadcom | Unicenter Asset Management | 3.2 | — |
| Broadcom | Unicenter Asset Management | 4.0 | — |
| Broadcom | Unicenter Data Transport Option | 2.0 | — |
| Broadcom | Unicenter Jasmine | 3.0 | — |
| Broadcom | Unicenter Management Portal | 2.0 | — |
| Broadcom | Unicenter Management Portal | 3.1 | — |
| Broadcom | Unicenter Network And Systems Management | 3.0 | — |
| Broadcom | Unicenter Network And Systems Management | 3.1 | — |
| Broadcom | Unicenter Nsm Wireless Network Management Option | 3.0 | — |
| Broadcom | Unicenter Performance Management | 2.4 | Sp3 |
| Broadcom | Unicenter Remote Control | 6.0 | — |
| Broadcom | Unicenter Service Level Management | 3.0 | — |
| Broadcom | Unicenter Service Level Management | 3.0.1 | — |
| Broadcom | Unicenter Service Level Management | 3.0.2 | — |
| Broadcom | Unicenter Service Level Management | 3.5 | — |
| Broadcom | Unicenter Software Delivery | 3.0 | — |
| Broadcom | Unicenter Software Delivery | 3.1 | — |
| Broadcom | Unicenter Software Delivery | 4.0 | — |
| Broadcom | Unicenter Tng | 2.1 | — |
| Broadcom | Unicenter Tng | 2.2 | — |
| Broadcom | Unicenter Tng | 2.4 | — |
| Broadcom | Unicenter Tng | 2.4.2 | — |
| Ca | Etrust Admin | 2.1 | — |
| Ca | Etrust Admin | 2.4 | — |
| Ca | Etrust Admin | 2.7 | — |
| Ca | Etrust Admin | 2.9 | — |
| Ca | Unicenter Asset Management | 4.0 | Sp1 |
| Ca | Unicenter Enterprise Job Manager | 1.0 | Sp1 |
| Ca | Unicenter Management | 3.5 | — |
| Ca | Unicenter Management | 4.0 | — |
| Ca | Unicenter Management | 4.1 | — |
| Ca | Unicenter Management | 5.0 | — |
Showing 50 of 53 affected configurations. See NVD for the full list.
References
- http://secunia.com/advisories/16513Third Party Advisory
- http://supportconnectw.ca.com/public/ca_common_docs/camsecurity_notice.aspBroken Link, Vendor Advisory
- http://www.osvdb.org/18917Broken Link
- http://www.securityfocus.com/bid/14623Third Party Advisory, VDB Entry
- http://www.vupen.com/english/advisories/2005/1482Permissions Required
- http://secunia.com/advisories/16513Third Party Advisory
- http://supportconnectw.ca.com/public/ca_common_docs/camsecurity_notice.aspBroken Link, Vendor Advisory
- http://www.osvdb.org/18917Broken Link
- http://www.securityfocus.com/bid/14623Third Party Advisory, VDB Entry
- http://www.vupen.com/english/advisories/2005/1482Permissions Required
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2005-2669?
Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allows remote attackers to execute arbitrary commands via spoofed CAFT packets.
How severe is CVE-2005-2669?
Severity scoring for CVE-2005-2669 is pending analysis. The EPSS model estimates a 7.31% probability of exploitation in the next 30 days.
How do I fix CVE-2005-2669?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2005-2669?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST