| Name | CA.ETrust.SCM.Gateway.LIST.Stack.Overflow |
| Alias/es | CA.ETrust.SCM.Gateway.LIST.Stack.Overflow |
| Release Date | Jun 16, 2008 |
| Severity | Critical |
| Impact | System Compromise: Remote attackers can gain control of vulnerable systems. |
| Description | This indicates an attempt to exploit a stack-based vulnerability in CA eTrust Secure Content Manager.
This vulnerability may cause a buffer overflow when responding to overly long LIST commands via FTP. A remote attacker may exploit this to execute arbitrary code or cause denial of service. |
| Affected Products | CA eTrust Secure Content Manager 8.0. |
| Recommended Actions | Apply the patch, available from the following website:
https://support.ca.com/irj/portal/anonymous/redirArticles?reqPage=search&searchID=QO99987 |
| Common Vulnerabilities and Exposures (CVE) | http://cve.mitre.org/cgi-bin/cvename.cgi?name=2008-2541
|
| Reference/s | http://www.securityfocus.com/bid/29528 (BugTraq)
http://www.vupen.com/english/advisories/2008/1741 (FrSIRT)
http://www.zerodayinitiative.com/advisories/ZDI-08-036
|