Check Point Advisories

Preemptive Protection against CA eTrust Secure Content Manager Gateway FTP PASV Stack Overflow Vulnerability

Check Point Reference: CPAI-2008-090
Date Published: 30 Jun 2008
Severity: High
Last Updated: Friday 08 August, 2008
Source: Secunia Advisory: SA30518
Industry Reference:CVE-2008-2541
Protection Provided by:
Who is Vulnerable? CA eTrust Secure Content Manager 8
Vulnerability Description A buffer overflow vulnerability was discovered in CA eTrust Secure Content Manager. CA eTrust Secure Content Manager (SCM) is a gateway product for Windows platform that secures, monitors, filters and blocks potential threats from messaging and Web traffic. It provides protection against malware, spam, phishing, P2P file sharing and prevents access to known spyware sites. A remote attacker can exploit this vulnerability to execute arbitrary code on a vulnerable system.
Vulnerability DetailsThe vulnerability is due to a boundary error in CA eTrust Secure Content Manager that fails to sufficiently check certain FTP responses. A remote attacker can exploit this issue by sending a specially crafted FTP PASV response to the target server. Successful exploitation of this vulnerability may allow the attacker to execute arbitrary code on the target system.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK