CA Secure Content Manager HTTP Gateway Service FTP Vulnerabilities
Critical Nessus Plugin ID 33108
A remote Windows host contains a program that is affected by multiple buffer overflow vulnerabilities.
The remote host is running Computer Associates' Secure Content Manager, a gateway product for filtering messaging and web traffic. The HTTP Gateway component ('icihttp.exe') of the version of Secure Content Manager installed on the remote host does not sufficiently check responses to FTP 'LIST' and 'PASV' commands before copying them into a stack buffer. An unauthenticated, remote attacker can leverage these issues to crash the affected service or to execute arbitrary code on the affected host with SYSTEM privileges.
Apply the QO99987 patch referenced in the CA advisory.