CA Secure Content Manager HTTP Gateway Service FTP Vulnerabilities

This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.


Synopsis :

A remote Windows host contains a program that is affected by multiple
buffer overflow vulnerabilities.

Description :

The remote host is running Computer Associates' Secure Content
Manager, a gateway product for filtering messaging and web traffic.

The HTTP Gateway component ('icihttp.exe') of the version of Secure
Content Manager installed on the remote host does not sufficiently
check responses to FTP 'LIST' and 'PASV' commands before copying them
into a stack buffer. An unauthenticated, remote attacker can leverage
these issues to crash the affected service or to execute arbitrary
code on the affected host with SYSTEM privileges.

See also :

http://www.zerodayinitiative.com/advisories/ZDI-08-035/
http://www.zerodayinitiative.com/advisories/ZDI-08-036/
http://dvlabs.tippingpoint.com/advisory/TPTI-08-05
http://seclists.org/bugtraq/2008/Jun/39
http://seclists.org/bugtraq/2008/Jun/40
http://seclists.org/bugtraq/2008/Jun/46
http://www.nessus.org/u?28aa23fd
http://www.securityfocus.com/archive/1/493124/30/0/threaded

Solution :

Apply the QO99987 patch referenced in the CA advisory.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.4
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 33108 (ca_scm_icihttp_ftp_vulns.nasl)

Bugtraq ID: 29528

CVE ID: CVE-2008-2541

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now