TippingPoint Digital Vaccine Laboratories

ZDI Public Disclosure: CA



These vulnerabilities are being published as per the ZDI disclosure changes announced in August of 2010.

ZDI-CAN-342


Title:
CA ETrust Secure Content Manager Common Services Transport Remote Code Execution Vulnerability

Advisory:
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Computer Associates eTrust Secure Content Manager. Authentication is not required to exploit this vulnerability.

The specific flaw exists in the eTrust Common Services Transport (ECSQdmn.exe) running on port 1882. When a request is made to this service, a user-supplied DWORD value is used in a memory copy operation. Due to the lack of bounds checking, an integer can be improperly calculated, leading to a heap overflow. If successfully exploited, this vulnerability will result in a remote system compromise with SYSTEM credentials.
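
The bug class described above (a length field taken from the request, used in size arithmetic without a bounds check) is shown here as an added example; it is not code from the advisory or from the CA product. The message layout, `HDR_SIZE`, `MAX_PAYLOAD` and all function names are hypothetical, since the advisory does not describe the real protocol or the exact calculation.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define HDR_SIZE    16u      /* hypothetical fixed header size */
#define MAX_PAYLOAD 65536u   /* hypothetical policy limit on payload size */

/* Unsafe pattern: 32-bit addition wraps, so a huge claimed length
 * produces a tiny allocation size (0xFFFFFFF8 + 16 == 8). */
static uint32_t alloc_size_unchecked(uint32_t claimed_len) {
    return claimed_len + HDR_SIZE;
}

/* Hardened: bound the claimed length by policy and by the bytes actually
 * received before doing any arithmetic with it. Returns 0 on success. */
static int alloc_size_checked(uint32_t claimed_len, size_t received, uint32_t *out) {
    if (received < HDR_SIZE) return -1;
    if (claimed_len > MAX_PAYLOAD) return -1;
    if (claimed_len > received - HDR_SIZE) return -1;
    *out = claimed_len + HDR_SIZE;   /* cannot wrap: claimed_len <= MAX_PAYLOAD */
    return 0;
}

/* Copies header + payload into a fresh heap buffer; NULL if rejected.
 * Assumes the DWORD length sits at offset 0 in host byte order. */
static uint8_t *copy_message(const uint8_t *msg, size_t received, uint32_t *out_len) {
    uint32_t claimed, total;
    if (received < sizeof claimed) return NULL;
    memcpy(&claimed, msg, sizeof claimed);
    if (alloc_size_checked(claimed, received, &total) != 0) return NULL;
    uint8_t *buf = malloc(total);
    if (buf == NULL) return NULL;
    memcpy(buf, msg, total);         /* total <= received, so the read is in bounds */
    *out_len = total;
    return buf;
}

int main(void) {
    uint8_t msg[HDR_SIZE + 4] = {0};             /* constructed sample message */
    uint32_t len = 0xFFFFFFF8u, out = 0;
    memcpy(msg, &len, sizeof len);               /* hostile length field */
    printf("unchecked size: %u\n", (unsigned)alloc_size_unchecked(len));
    printf("hostile message %s\n", copy_message(msg, sizeof msg, &out) ? "accepted" : "rejected");
    len = 4;
    memcpy(msg, &len, sizeof len);               /* honest length field */
    uint8_t *copy = copy_message(msg, sizeof msg, &out);
    printf("honest message %s, %u bytes\n", copy ? "accepted" : "rejected", (unsigned)out);
    free(copy);
    return 0;
}
```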

Mitigation:
As the affected process is bound to a TCP port, external exploitation of this vulnerability can be mitigated by ensuring no traffic can reach the machine on the specified port. This can be done at the network level with a firewall or other similar technology. On the host, an administrator can force the affected process to opt in to DEP and ASLR using the EMET tool from Microsoft, which should help mitigate exploitation of this buffer overflow.



Published On: 2011-02-07 17:05:15
