CA Secure Content Manager HTTP Gateway Service FTP Vulnerabilities

Critical Nessus Plugin ID 33108


A remote Windows host contains a program that is affected by multiple buffer overflow vulnerabilities.


The remote host is running Computer Associates' Secure Content Manager, a gateway product for filtering messaging and web traffic.

The HTTP Gateway component ('icihttp.exe') of the version of Secure Content Manager installed on the remote host does not sufficiently check responses to FTP 'LIST' and 'PASV' commands before copying them into a stack buffer. An unauthenticated, remote attacker can leverage these issues to crash the affected service or to execute arbitrary code on the affected host with SYSTEM privileges.


Apply the QO99987 patch referenced in the CA advisory.

See Also

Plugin Details

Severity: Critical

ID: 33108

File Name: ca_scm_icihttp_ftp_vulns.nasl

Version: $Revision: 1.10 $

Type: local

Agent: windows

Family: Windows

Published: 2008/06/09

Modified: 2016/10/07

Dependencies: 13855

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

Required KB Items: SMB/Registry/Enumerated

Exploit Available: false

Exploit Ease: No known exploits are available

Reference Information

CVE: CVE-2008-2541

BID: 29528

OSVDB: 46012, 46013

Secunia: 30518

CWE: 119