Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-0758

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2011-0758
Last Modified 22 Sep 2011 12:00:00
Published 10 Feb 2011 01:00:59
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-0758

Summary

The eCS component (ECSQdmn.exe) in CA ETrust Secure Content Manager 8.0 and CA Gateway Security 8.1 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted request to port 1882, involving an incorrect integer calculation and a heap-based buffer overflow.

Vulnerable Systems

Application

  • Ca Etrust Secure Content Manager 8.0

  • Ca Gateway Security 8.1


References

CONFIRM - https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={EE6F16E1-6E05-4890-A739-2B9F745C721F}

MISC - http://www.zerodayinitiative.com/advisories/ZDI-11-059

VUPEN - ADV-2011-0306

SECTRACK - 1025052

BID - 46253

BUGTRAQ - 20110207 ZDI-11-059: CA ETrust Secure Content Manager Common Services Transport Remote Code Execution Vulnerability

SREASON - 8075

SECUNIA - 43200

OSVDB - 70840

MISC - http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-ca


Last Updated: 27 May 2016 10:56:02