Lucene search
HistoryJun 04, 2008 - 12:00 a.m.
CA ETrust Secure Content Manager Gateway FTP LIST Stack Overflow Vulnerability
0.216 Low
EPSS
Percentile
96.5%
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Computer Associates eTrust Secure Content Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists in the HTTP Gateway service icihttp.exe running on port 8080. When issuing a request for a FTP service the process tries to decorate the contents of the transaction. In this particular case by specifying a overly long response to a LIST command a stack buffer can be overflowed. Successful exploitation can lead to complete system compromise under the SYSTEM context.
Related
openvas
openvas
CA eTrust SCM Multiple HTTP Gateway Service Vulnerabilities
2008-09-26 00:00:00
CA eTrust SCM Multiple HTTP Gateway Service Vulnerabilities
2008-09-26 00:00:00
seebug
seebug
CA eTrust Secure Content Managerε€δΈͺζ ζΊ’εΊζΌζ΄
2008-06-06 00:00:00
securityvulns
securityvulns
cvelist
cvelist
CVE-2008-2541
2008-06-04 20:00:00
checkpoint_advisories
checkpoint_advisories
zdi
zdi
cve
cve
CVE-2008-2541
2008-06-04 20:32:00
nvd
nvd
CVE-2008-2541
2008-06-04 20:32:00
nessus
nessus
CA Secure Content Manager HTTP Gateway Service FTP Vulnerabilities
2008-06-09 00:00:00
prion
prion
Stack overflow
2008-06-04 20:32:00