52 matches found
Heap overflow
The eCS component ECSQdmn.exe in CA ETrust Secure Content Manager 8.0 and CA Gateway Security 8.1 allows remote attackers to cause a denial of service crash and execute arbitrary code via a crafted request to port 1882, involving an incorrect integer calculation and a heap-based buffer overflow...
(0Day) CA ETrust Secure Content Manager Common Services Transport Remote Code Execution Vulnerability
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Computer Associates eTrust Secure Content Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists in the eTrust Common Services Transport ECSQdmn.exe running on por...
CA Secure Content Manager FTP Gateway LIST Command Buffer Overflow (CVE-2008-2541)
CA eTrust Secure Content Manager SCM is a gateway product for Windows platform that secures, monitors, filters and blocks potential threats from messaging and Web traffic. It provides protection against malware, spam, phishing, P2P file sharing and prevents access to known spyware sites. All CA S...
CA eTrust Secure Content Manager Gateway FTP PASV Stack Overflow (CVE-2008-2541)
CA eTrust Secure Content Manager SCM is a gateway product for Windows platform that secures, monitors, filters and blocks potential threats from messaging and Web traffic. It provides protection against malware, spam, phishing, P2P file sharing and prevents access to known spyware sites. All CA S...
CA杀毒引擎arclib库多个内存破坏漏洞
BUGTRAQ ID: 36653 CVE ID: CVE-2009-3587,CVE-2009-3588 Computer Associates是世界领先的安全厂商,产品包括多种杀毒软件及备份恢复系统。 多个CA产品杀毒引擎所使用的arclib组件在解析畸形RAR压缩文件时存在堆或栈内存破坏,用户受骗打开恶意文件就会导致拒绝服务或执行任意指令。 Computer Associates eTrust Intrusion Detection 3.0 SP1 Computer Associates eTrust Intrusion Detection 3.0 Computer...
CA eTrust SCM Multiple HTTP Gateway Service Vulnerabilities
The host is installed with CA eTrust Secure Content Manager which is prone to arbitrary code execution and DoS Vulnerabilities. OpenVAS Vulnerability Test $Id: gbcaetrustscmmultvuln.nasl 5370 2017-02-20 15:24:26Z cfi $ CA eTrust SCM Multiple HTTP Gateway Service Vulnerabilities Authors: Veerendra...
Preemptive Protection against CA eTrust Secure Content Manager Gateway FTP PASV Stack Overflow Vulnerability
A buffer overflow vulnerability was discovered in CA eTrust Secure Content Manager. CA eTrust Secure Content Manager SCM is a gateway product for Windows platform that secures, monitors, filters and blocks potential threats from messaging and Web traffic. It provides protection against malware,...
CA Secure Content Manager HTTP Gateway Service Detection
The remote service is the HTTP Gateway Service component of Computer Associates' Secure Content Manager, which is used to filter web traffic. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; if description scriptid33140;...
CA Secure Content Manager HTTP Gateway Service FTP Vulnerabilities
The remote host is running Computer Associates' Secure Content Manager, a gateway product for filtering messaging and web traffic. The HTTP Gateway component 'icihttp.exe' of the version of Secure Content Manager installed on the remote host does not sufficiently check responses to FTP 'LIST' and...
CA eTrust Secure Content Manager多个栈溢出漏洞
BUGTRAQ ID: 29528 CVECAN ID: CVE-2008-2541 eTrust Secure Content Manager(eTrust SCM)是独立、统一的网关解决方案,能够帮助企业从中央管理控制台防范资料窃密以及网络和信息传递威胁。 eTrust SCM运行在8080端口上的HTTP网关服务(icihttp.exe)中存在多个栈溢出漏洞。如果用户发布了FTP服务请求,进程会试图修饰事件处理的内容,在这种情况下如果指定了超长的LIST或PASV命令响应,就会触发栈溢出,导致以SYSTEM权限执行任意指令。 Computer Associates eTrust...
TPTI-08-05: CA ETrust Secure Content Manager Gateway FTP LIST Stack Overflow Vulnerability
TPTI-08-05: CA ETrust Secure Content Manager Gateway FTP LIST Stack Overflow Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-08-05 June 4, 2008 -- CVE ID: CVE-2008-2541 -- Affected Vendors: Computer Associates -- Affected Products: Computer Associates eTrust Secure Content Manager --...
CA Secure Content Manager HTTP Gateway Service FTP Request Vulnerabilities
Title: CA Secure Content Manager HTTP Gateway Service FTP Request Vulnerabilities CA Advisory Date: 2008-06-03 Reported By: Sebastian Apelt working with ZDI/TippingPoint Cody Pierce, TippingPoint DVLabs Impact: A remote attacker can cause a denial of service or execute arbitrary code. Summary: CA...
CA ETrust Secure Content Manager Gateway multiple security vulnerabilities
Buffer overflow on FTP PASV and LIST commands...
Stack overflow
Multiple stack-based buffer overflows in the HTTP Gateway Service icihttp.exe in CA eTrust Secure Content Manager 8.0 allow remote attackers to execute arbitrary code or cause a denial of service via long FTP responses, related to 1 the file month field in a LIST command; 2 the PASV command; and ...
CVE-2008-2541
CA eTrust Secure Content Manager (SCM) HTTP Gateway Service (icihttp.exe) contains multiple stack-based buffer overflow vulnerabilities when handling FTP responses (LIST and PASV). CVE-2008-2541 allows remote, unauthenticated attackers to execute arbitrary code or cause DoS with SYSTEM privileges...
CVE-2008-2541
Multiple stack-based buffer overflows in the HTTP Gateway Service icihttp.exe in CA eTrust Secure Content Manager 8.0 allow remote attackers to execute arbitrary code or cause a denial of service via long FTP responses, related to 1 the file month field in a LIST command; 2 the PASV command; and ...
CA ETrust Secure Content Manager Gateway FTP LIST Stack Overflow Vulnerability
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Computer Associates eTrust Secure Content Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists in the HTTP Gateway service icihttp.exe running on port 8080. When...
Code injection
The eTrust Common Services Transport Daemon eCSqdmn in CA Secure Content Manager 8.0.28000.511 and earlier allows remote attackers to cause a denial of service crash or CPU consumption via a malformed packet to TCP port 1882...
CVE-2008-1984
The eTrust Common Services Transport Daemon eCSqdmn in CA Secure Content Manager 8.0.28000.511 and earlier allows remote attackers to cause a denial of service crash or CPU consumption via a malformed packet to TCP port 1882...
CVE-2008-1984
The CVE-2008-1984 entry concerns CA eTrust Secure Content Manager (eCSqdmn, Transport Daemon) affected in 8.0.28000.511 and earlier. The flaw lets remote attackers cause a denial of service (crash or high CPU usage) by sending a malformed packet to TCP port 1882. The underlying root cause is rela...