cpe:/a:ca:etrust_secure_content_manager:8.0 CVE-2008-2541 2008-06-04T16:32:00.000-04:00 2017-08-07T21:31:08.200-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2008-06-05T11:38:00.000-04:00 ALLOWS_ADMIN_ACCESS SECTRACK 1020167 BUGTRAQ 20080604 CA Secure Content Manager HTTP Gateway Service FTP Request Vulnerabilities BUGTRAQ 20080604 TPTI-08-05: CA ETrust Secure Content Manager Gateway FTP LIST Stack Overflow Vulnerability BUGTRAQ 20080604 ZDI-08-035: CA ETrust Secure Content Manager Gateway FTP PASV Stack Overflow Vulnerability BUGTRAQ 20080604 ZDI-08-036: CA ETrust Secure Content Manager Gateway FTP LIST Stack Overflow BID 29528 SECUNIA 30518 VUPEN ADV-2008-1741 XF ca-etrust-scm-ftp-bo(42821) MISC http://dvlabs.tippingpoint.com/advisory/TPTI-08-05 CONFIRM http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36408 MISC http://www.zerodayinitiative.com/advisories/ZDI-08-035/ MISC http://www.zerodayinitiative.com/advisories/ZDI-08-036 CONFIRM https://support.ca.com/irj/portal/anonymous/SolutionResults?aparNo=QO99987&os=NT&actionID=3 Multiple stack-based buffer overflows in the HTTP Gateway Service (icihttp.exe) in CA eTrust Secure Content Manager 8.0 allow remote attackers to execute arbitrary code or cause a denial of service via long FTP responses, related to (1) the file month field in a LIST command; (2) the PASV command; and (3) directories, files, and links in a LIST command.