CA eTrust SCM Multiple HTTP Gateway Service Vulnerabilities

CA eTrust Secure Content Manager is prone to arbitrary code execution and denial of service DoS vulnerabilities. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

CA Secure Content Manager HTTP Gateway Service Detection

The remote service is the HTTP Gateway Service component of Computer Associates' Secure Content Manager, which is used to filter web traffic. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; if description scriptid33140;...

CA Secure Content Manager HTTP Gateway Service FTP Vulnerabilities

The remote host is running Computer Associates' Secure Content Manager, a gateway product for filtering messaging and web traffic. The HTTP Gateway component 'icihttp.exe' of the version of Secure Content Manager installed on the remote host does not sufficiently check responses to FTP 'LIST' and...

CA Secure Content Manager HTTP Gateway Service FTP Request Vulnerabilities

Title: CA Secure Content Manager HTTP Gateway Service FTP Request Vulnerabilities CA Advisory Date: 2008-06-03 Reported By: Sebastian Apelt working with ZDI/TippingPoint Cody Pierce, TippingPoint DVLabs Impact: A remote attacker can cause a denial of service or execute arbitrary code. Summary: CA...

TPTI-08-05: CA ETrust Secure Content Manager Gateway FTP LIST Stack Overflow Vulnerability

TPTI-08-05: CA ETrust Secure Content Manager Gateway FTP LIST Stack Overflow Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-08-05 June 4, 2008 -- CVE ID: CVE-2008-2541 -- Affected Vendors: Computer Associates -- Affected Products: Computer Associates eTrust Secure Content Manager --...

CVE-2008-2541

Multiple stack-based buffer overflows in the HTTP Gateway Service icihttp.exe in CA eTrust Secure Content Manager 8.0 allow remote attackers to execute arbitrary code or cause a denial of service via long FTP responses, related to 1 the file month field in a LIST command; 2 the PASV command; and ...

Stack overflow

Multiple stack-based buffer overflows in the HTTP Gateway Service icihttp.exe in CA eTrust Secure Content Manager 8.0 allow remote attackers to execute arbitrary code or cause a denial of service via long FTP responses, related to 1 the file month field in a LIST command; 2 the PASV command; and ...

CVE-2008-2541

Multiple stack-based buffer overflows in the HTTP Gateway Service icihttp.exe in CA eTrust Secure Content Manager 8.0 allow remote attackers to execute arbitrary code or cause a denial of service via long FTP responses, related to 1 the file month field in a LIST command; 2 the PASV command; and ...

CVE-2008-2541

CA eTrust Secure Content Manager (SCM) HTTP Gateway Service (icihttp.exe) contains multiple stack-based buffer overflow vulnerabilities when handling FTP responses (LIST and PASV). CVE-2008-2541 allows remote, unauthenticated attackers to execute arbitrary code or cause DoS with SYSTEM privileges...