Computer Security
[EN] securityvulns.ru no-pyccku


CA Gateway Security / Total Defense memory corruption
Published:22.07.2011
Source:
SecurityVulns ID:11799
Type:remote
Threat Level:
5/10
Description:Memory corruption on TCP/8080 HTTP request parsing.
Affected:CA : CA Gateway Security 8.1
 CA : CA Total Defense 12
CVE:CVE-2011-2667 (Icihttp.exe in CA Gateway Security for HTTP, as used in CA Gateway Security 8.1 before 8.1.0.69 and CA Total Defense r12, does not properly parse URLs, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and daemon crash) via a malformed request.)
Original documentdocumentZDI, ZDI-11-237: CA Total Defense Suite Gateway Security Malformed HTTP Packet Remote Code Execution Vulnerability (22.07.2011)
 documentCA, CA20110720-01: Security Notice for CA Gateway Security and Total Defense (22.07.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod