License Patches Are Now Available To Address Buffer Overflows

From: Williams, James K (James.Williams_at_CA.COM)
Date: 03/02/05

  • Next message: Karl Lynn: "EEYE: Computer Associates License Manager Remote Vulnerabilities"
    Date:         Wed, 2 Mar 2005 10:40:26 -0500

    CA License Security Notice

    Attention CA Customers:
    License Patches Are Now Available To Address Buffer Overflows

    Working closely with eEye Digital Security® and iDEFENSE, the
    CA Technical Support team has resolved multiple vulnerability
    issues recently discovered in the CA License software. Both
    eEye and iDEFENSE have confirmed that these vulnerabilities
    have been properly addressed. CA has made patches available
    to any affected license users.

    Buffer overflow conditions can potentially allow arbitrary
    code to be executed remotely with local SYSTEM privileges.
    This affects versions of the CA License software v1.53
    through v1.61.8 on the specified platforms. Customers with
    these vulnerable versions should upgrade to CA License 1.61.9
    or higher. CA License patches that address these issues can
    be downloaded from the link below.

    CA strongly recommends the application of the appropriate CA
    License patch.

    Affected products:

    The vulnerability exists if the CA License package version
    on the system is between v1.53 and v1.61.8.

    Affected platforms:

    AIX, DEC, HP-UX, Linux Intel, Linux s/390, Solaris, Windows
    and Apple Mac.

    Determining CA License versions:

    1. Obtain the CA License package version:

    Windows: The CA license package version can be obtained by
    checking the file version of lic98version.exe. Right click
    on lic98version.exe, choose Properties, and then select the
    Version tab.

    Unix/Linux/Mac: Run lic98version from a command prompt to
    print out the version number and/or write it to


    2. Obtain the version of the vulnerable file:

    If the lic98version file does not exist on the system (which
    may be the case with older versions of the license package),
    check the version of the affected file itself:

    Windows: Obtain the version of lic98rmt.exe by right-clicking
    on the file, choosing Properties, and then selecting the
    Version tab. The vulnerability exists if the version is
    between and 1.4.6.

    Unix/Linux/Mac - Run strings licrmt | grep BUILD from a
    Command prompt. The following string format will be returned:
    "LICAGENT BUILD INFO = /x.x.x/Apr 16 2003/17:13:35", Where
    x.x.x is the file version. The vulnerability exists if this
    file version is between v1.0.15 thru v1.4.6.

    Note the following default license install directories:
    Windows: C:\CA_LIC or C:\Program Files\CA\SharedComponents\CA_LIC
    Unix/Linux/Mac: /opt/CA/ca_lic or /opt/CA/SharedComponents/ca_lic

    Should you require additional information, please contact
    CA Technical Support at

    Select Language for translations of this advisory:
    Japanese (日本語):
    Chinese (中文):

    Computer Associates International, Inc. (CA).
    One Computer Associates Plaza. Islandia, NY 11749
    Contact Us
    Legal Notice
    Privacy Policy
    © 2005 Computer Associates International, Inc.
    All rights reserved


    Ken Williams ; Vulnerability Research
    Computer Associates ;
    A9F9 44A6 B421 FF7D 4000 E6A9 7925 91DF E294 1985

  • Next message: Karl Lynn: "EEYE: Computer Associates License Manager Remote Vulnerabilities"