CA Gateway Security Remote Code Execution Vulnerability

This host is installed with CA Gateway Security and is prone to remote code execution Vulnerability. OpenVAS Vulnerability Test $Id: gbcagatewaysecurityremotecodeexecutionvuln.nasl 7024 2017-08-30 11:51:43Z teissa $ CA Gateway Security Remote Code Execution Vulnerability Authors: Rachana Shetty...

CA Gateway Security RCE Vulnerability

CA Gateway Security is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2011-2667

Icihttp.exe in CA Gateway Security for HTTP, as used in CA Gateway Security 8.1 before 8.1.0.69 and CA Total Defense r12, does not properly parse URLs, which allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption and daemon crash via a malformed...

Memory corruption

Icihttp.exe in CA Gateway Security for HTTP, as used in CA Gateway Security 8.1 before 8.1.0.69 and CA Total Defense r12, does not properly parse URLs, which allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption and daemon crash via a malformed...

CVE-2011-2667

Icihttp.exe in CA Gateway Security for HTTP, as used in CA Gateway Security 8.1 before 8.1.0.69 and CA Total Defense r12, does not properly parse URLs, which allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption and daemon crash via a malformed...

CVE-2011-2667

CA Gateway Security (and CA Total Defense r12) is affected by CVE-2011-2667 due to a flawed URL parsing loop in the Icihttp.exe module, which can overflow heap memory on HTTP requests received on port 8080. This memory corruption can enable remote attackers to execute arbitrary code or trigger a ...

CA Gateway Security Malformed HTTP Packet Remote Code Execution

According to its version number, the CA Gateway Security install on the remote Windows host is affected by a code execution vulnerability caused by a heap corruption condition when handling specially crafted HTTP requests on port 8080. A remote, unauthenticated attacker could exploit this flaw an...

CA20110720-01: Security Notice for CA Gateway Security and Total Defense

-----BEGIN PGP SIGNED MESSAGE----- CA20110720-01: Security Notice for CA Gateway Security and Total Defense Issued: July 20, 2011 CA Technologies support is alerting customers to a security risk with CA Gateway Security. A vulnerability exists that can allow a remote attacker to execute arbitrary...

CA Gateway Security / Total Defense memory corruption

Memory corruption on TCP/8080 HTTP request parsing...

CVE-2011-0758

The eCS component ECSQdmn.exe in CA ETrust Secure Content Manager 8.0 and CA Gateway Security 8.1 allows remote attackers to cause a denial of service crash and execute arbitrary code via a crafted request to port 1882, involving an incorrect integer calculation and a heap-based buffer overflow...

Heap overflow

The eCS component ECSQdmn.exe in CA ETrust Secure Content Manager 8.0 and CA Gateway Security 8.1 allows remote attackers to cause a denial of service crash and execute arbitrary code via a crafted request to port 1882, involving an incorrect integer calculation and a heap-based buffer overflow...