CA Gateway Security Remote Code Execution Vulnerability

This host is installed with CA Gateway Security and is prone to remote code execution Vulnerability. OpenVAS Vulnerability Test $Id: gbcagatewaysecurityremotecodeexecutionvuln.nasl 7024 2017-08-30 11:51:43Z teissa $ CA Gateway Security Remote Code Execution Vulnerability Authors: Rachana Shetty...

CA Gateway Security RCE Vulnerability

CA Gateway Security is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Memory corruption

Icihttp.exe in CA Gateway Security for HTTP, as used in CA Gateway Security 8.1 before 8.1.0.69 and CA Total Defense r12, does not properly parse URLs, which allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption and daemon crash via a malformed...

CVE-2011-2667

CA Gateway Security (and CA Total Defense r12) is affected by CVE-2011-2667 due to a flawed URL parsing loop in the Icihttp.exe module, which can overflow heap memory on HTTP requests received on port 8080. This memory corruption can enable remote attackers to execute arbitrary code or trigger a ...

ZDI-11-237: CA Total Defense Suite Gateway Security Malformed HTTP Packet Remote Code Execution Vulnerability

ZDI-11-237: CA Total Defense Suite Gateway Security Malformed HTTP Packet Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-237 July 20, 2011 -- CVE ID: CVE-2011-2667 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: CA -- Affected Products: CA Tota...