CyberSec.Space Logo
Back to CVE Browser

CVE-2008-2541

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1160%
EPSS Percentile27.98th
PublishedJun 4, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

Multiple stack-based buffer overflows in the HTTP Gateway Service (icihttp.exe) in CA eTrust Secure Content Manager 8.0 allow remote attackers to execute arbitrary code or cause a denial of service via long FTP responses, related to (1) the file month field in a LIST command; (2) the PASV command; and (3) directories, files, and links in a LIST command.

Affected Platforms (CPE)

πŸ“¦
Ca

Etrust Secure Content Manager

= 8.0

References & Advisories

πŸ”— http://dvlabs.tippingpoint.com/advisory/TPTI-08-05
πŸ”— http://secunia.com/advisories/30518
πŸ”— http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=36408
πŸ”— http://www.securityfocus.com/archive/1/493082/100/0/threaded
πŸ”— http://www.securityfocus.com/archive/1/493084/100/0/threaded
πŸ”— http://www.securityfocus.com/archive/1/493087/100/0/threaded
πŸ”— http://www.securityfocus.com/archive/1/493124/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/29528

Related Vulnerabilities

CVE-2005-169310.0

Integer overflow in Computer Associates Vet Antivirus library, as used by CA InoculateIT 6.0, eTrust Antivirus r6.0 through 7.1, e...

CVE-2007-333410.0

Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) component...

CVE-2011-075810.0

The eCS component (ECSQdmn.exe) in CA ETrust Secure Content Manager 8.0 and CA Gateway Security 8.1 allows remote attackers to cau...

CVE-2008-19847.8

The eTrust Common Services (Transport) Daemon (eCSqdmn) in CA Secure Content Manager 8.0.28000.511 and earlier allows remote attac...