A Vulnerability Scan has detected and reported a vulnerability similar to this:
38429 CA (Computer Associates) Unicenter TNG Utilities Multiple Remote Buffer Overflow Vulnerabilities.
This is also associated to CVE-2004-1812
Can occur in 12.5, 12.6, 14.0, 14.1, 14.2 and 14.3 versions of Identity Manager.
The Remote Buffer Overflow vulnerability is a known problem that occurs in CAM, which is used with the Provisioning Server. A fix is included in CAM 1.14 build 1, however the scan may still report the vulnerability even when CAM 1.14 build 1 is installed. In most cases the reported vulnerability should be considered a false alarm (see Resolution below).
The vulnerability is fixed in CAM 1.14 build 1.
1. Verify the CAM version by running camstat at the command prompt on the Provisioning Server.
The output of camstat will look something like this.
CAM - Version 1.14 (Build 1)
2. If your current CAM version is 1.14 (Build 1) there is no further action required and the vulnerability reported by the scan should be ignored as a false alarm.
If your CAM version is lower than 1.14 Build 1 you may need to upgrade, though all current versions of Identity Manager should have 1.1.4 build 1. Please contact Support for assistance if camstat does not show CAM - Version 1.14 (Build 1).
3. CA Identity Manager 14.4 also shows Version 14.1 (Build 1) But Qualys Tool does not show as vulnerable
Release: CAPUEL99000-12.5-Identity Manager-Blended upgrade to Identity &-Access Mgmt Ente
Please Update This Required Field