Back to search
CVE-2008-2541
Published: Jun 4, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple stack-based buffer overflows in the HTTP Gateway Service (icihttp.exe) in CA eTrust Secure Content Manager 8.0 allow remote attackers to execute arbitrary code or cause a denial of service via long FTP responses, related to (1) the file month field in a LIST command; (2) the PASV command; and (3) directories, files, and links in a LIST command.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20080604 TPTI-08-05: CA ETrust Secure Content Manager Gateway FTP LIST Stack Overflow Vulnerability
mailing-list
x_refsource_BUGTRAQ
30518
third-party-advisory
x_refsource_SECUNIA
http://dvlabs.tippingpoint.com/advisory/TPTI-08-05
x_refsource_MISC
29528
vdb-entry
x_refsource_BID
20080604 ZDI-08-036: CA ETrust Secure Content Manager Gateway FTP LIST Stack Overflow
mailing-list
x_refsource_BUGTRAQ
20080604 CA Secure Content Manager HTTP Gateway Service FTP Request Vulnerabilities
mailing-list
x_refsource_BUGTRAQ
ADV-2008-1741
vdb-entry
x_refsource_VUPEN
1020167
vdb-entry
x_refsource_SECTRACK
http://www.zerodayinitiative.com/advisories/ZDI-08-035/
x_refsource_MISC
http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36408
x_refsource_CONFIRM
20080604 ZDI-08-035: CA ETrust Secure Content Manager Gateway FTP PASV Stack Overflow Vulnerability
mailing-list
x_refsource_BUGTRAQ
ca-etrust-scm-ftp-bo(42821)
vdb-entry
x_refsource_XF
http://www.zerodayinitiative.com/advisories/ZDI-08-036
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now