Thursday, June 05, 2008 9:32 AM
cmosby
CA Secure Content Manager Multiple Vulnerabilities - Secunia - 6/05/2008
CA Secure Content Manager Multiple Vulnerabilities
Secunia Advisory:
SA30518
Release Date:
2008-06-04
Last Update:
2008-06-05
Critical:
Highly critical
Impact:
DoS
System access
Where:
From remote
Solution Status:
Vendor Patch
Software:
eTrust Secure Content Manager (SCM)
CVE reference:
CVE-2008-2541 (Secunia mirror)
Description:
Some vulnerabilities have been reported in CA eTrust Content Manager, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
1) Two boundary errors exists in the HTTP Gateway service (icihttp.exe on port 8080/TCP) when processing certain FTP requests. These can be exploited to cause stack-based buffer overflows via an overly long response to a LIST or PASV command.
2) A boundary error exists in the HTTP Gateway service (icihttp.exe on port 8080/TCP) when converting content of an FTP listing from raw text to HTML. This can be exploited to cause a stack-based buffer overflow via an overly long string.
Successful exploitation of these vulnerabilities allows execution of arbitrary code with SYSTEM privileges.
The vulnerabilities are reported in CA eTrust Secure Content Manager 8.0.
Solution:
Apply patch QO99987 (please see the vendor's advisory for details):
https://support.ca.com/irj/portal/ano...s?reqPage=search&searchID=QO99987Provided and/or discovered by:
1) Sebastian Apelt, reported via ZDI.
2) Cody Pierce, TippingPoint DVLabs
Changelog:
2008-06-05: Updated "Description" and "Original Advisory" section with additional information. Updated credits section.
Original Advisory:
CA:
http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36408https://support.ca.com/irj/portal/ano...arNo=QO99987&os=NT&actionID=3ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-08-035/http://www.zerodayinitiative.com/advisories/ZDI-08-036/TippingPoint DVLabs:
http://dvlabs.tippingpoint.com/advisory/TPTI-08-05
Filed under: Security and Anti-Virus, Patch Management, Enterprise Applications, Software Vulnerabilites