Update Protection against Borland StarTeam Multicast Service HTTP Handling Buffer Overflow Vulnerability
| Check Point Reference: | CPAI-2008-130 | |
| Date Published: | ||
| Severity: | ||
| Last Updated: | ||
| Source: | Secunia Advisory: SA29631 | |
| Industry Reference(s): | CVE-2008-0311 | |
| Protection Provided by: |
IPS-1
|
|
| Who is Vulnerable? Borland StarTeam Multicast Service 6.4 | ||
| Vulnerability Description A buffer overflow vulnerability has been reported in Borland StarTeam Multicast Service. Borland StarTeam is a software change and configuration management tool, designed for both centralized and geographically distributed software development environments. A remote attacker might exploit this vulnerability to inject and execute arbitrary code on an affected system. |
||
|
Vulnerability Details The vulnerability is due to a boundary error in the Borland StarTeam Multicast Service when processing HTTP requests. An attacker can exploit this issue by specially crafting a malicious HTTP request and sending it to the target service. Successful exploitation of this vulnerability may allow the attacker to execute arbitrary code on the target system. |
Protection Overview
By enabling this protection, SmartDefense will detect and block malformed HTTP requests.
In order for the protection to be activated, update your VPN-1 product to the latest SmartDefense update. For information on how to update SmartDefense, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.