Computer Associates (CA) Message Queuing buffer overflow (Systems_Management_Stack_BO)

About this signature or vulnerability

Proventia Desktop, Proventia Network IPS, RealSecure Desktop, Proventia Server IPS for Linux technology, Proventia Network IDS, Proventia-G 1.1 and earlier, IBM Security Server Protection for Windows, Proventia Network MFS, BlackICE Server Protection, BlackICE PC Protection, RealSecure Server Sensor, RealSecure Network, Virtual Server Protection for VMware:

This signature detects attempts to exploit a possible buffer overflow in a particular systems management application by specifying a user-defined string length which is longer than the receiving buffer on the stack.


False positives

Proventia Desktop, Proventia Network IPS, RealSecure Desktop, Proventia Server IPS for Linux technology, Proventia Network IDS, Proventia-G 1.1 and earlier, IBM Security Server Protection for Windows, Proventia Network MFS, BlackICE Server Protection, BlackICE PC Protection, RealSecure Server Sensor, RealSecure Network, Virtual Server Protection for VMware:

This traffic cannot be positively identified. You must correlate this event with system vulnerability information to confirm malicious intentions.

Default risk level

High

Sensors that have this signature

Proventia Desktop: 1970, Proventia Network IPS: XPU 1.96, RealSecure Desktop: eqc, Proventia Server IPS for Linux technology: 1.96, Proventia Network IDS: XPU 24.57, Proventia-G 1.1 and earlier: XPU 24.57, IBM Security Server Protection for Windows: 2.1.14.2400, IBM Security Server Protection for Windows: 1.0.914.1970, Proventia Network MFS: XPU 1.96, BlackICE Server Protection: 3.6.cqc, BlackICE PC Protection: 3.6cqc, RealSecure Server Sensor: XPU 24.57, RealSecure Network: XPU 24.57, Virtual Server Protection for VMware: 1.0

Systems affected

CA Unicenter TNG: 2.1, CA Unicenter TNG: 2.4, CA Unicenter TNG: 2.4.2, CA Unicenter Remote Control: 6.0, CA Unicenter Asset Management: 4.0, CA Advantage Data Transport: 3.0, CA BrightStor SAN Manager: 11.1, CA BrightStor Portal: 11.1, CA CleverPath OLAP: 5.1, CA CleverPath ECM: 3.5, CA CleverPath Predictive Analysis Server: 2.0, CA CleverPath Predictive Analysis Server: 3.0, CA CleverPath Aion: 10.0, CA eTrust Admin: 2.01, CA eTrust Admin: 2.04, CA eTrust Admin: 2.07, CA eTrust Admin: 2.09, CA eTrust Admin: 8.0, CA eTrust Admin: 8.1, CA Unicenter Application Performance Monitor: 3.0, CA Unicenter Application Performance Monitor: 3.5, CA Unicenter Asset Management: 3.1, CA Unicenter Asset Management: 3.2, CA Unicenter Asset Management: 3.2 SP1, CA Unicenter Asset Management: 3.2 SP2, CA Unicenter Asset Management: 4.0 SP1, CA Unicenter Data Transport Option: 2.0, CA Unicenter Enterprise Job Manager: 1.0 SP1, CA Unicenter Enterprise Job Manager: 1.0 SP2, CA Unicenter Jasmine: 3.0, CA Unicenter Management WebSphere MQ: 3.5, CA Unicenter Management Microsoft Exchange: 4.0, CA Unicenter Management Microsoft Exchange: 4.1, CA Unicenter Management Lotus Note Domino: 4.0, CA Unicenter Management Web Servers: 5, CA Unicenter Management Web Servers: 5.0.1, CA Unicenter NSM: 3.0, CA Unicenter NSM: 3.1, CA Unicenter NSM Wireless Network Management Option: 3.0, CA Unicenter Remote Control: 6.0 SP1, CA Unicenter Service Level Management: 3.0, CA Unicenter Software Delivery: 3.1 SP1, CA Unicenter Software Delivery: 3.1 SP2, CA Unicenter Software Delivery: 4.0, CA Unicenter Software Delivery: 4.0 SP1, CA Unicenter TNG JPN: 2.2, CA Unicenter Service Level Management: 3.0.2, CA Unicenter Service Level Management: 3.5, CA Unicenter Software Delivery: 3.0, CA Unicenter Software Delivery: 3.1, CA BrightStor SAN Manager: 11.5, CA Unicenter TNG: 2.2, CA Unicenter Service Level Management: 3.0.1

Type

Unauthorized Access Attempt

Vulnerability description

The CA Message Queuing server (CAM/CAFT), included in various Computer Associates products, is vulnerable to a stack-based buffer overflow. By sending a specially crafted request to TCP port 3104, a remote attacker could overflow a buffer and execute arbitrary code on the system with SYSTEM privileges.

How to remove this vulnerability

Refer to the CA SupportConnect document dated July 24th, 2007 "Security Notice for CA Message Queuing (CAM / CAFT) vulnerability", for patch, upgrade, or suggested workaround information. See References.

References

CA SupportConnect July 24th, 2007
Security Notice for CA Message Queuing (CAM / CAFT) vulnerability
http://supportconnectw.ca.com/public/dto_transportit/infodocs/camsgquevul-secnot.asp

IBM Internet Security Systems Protection Advisory July 24, 2007
CA Message Queuing Server (Cam.exe) Overflow
http://www.iss.net/threats/272.html

ISS X-Force
Computer Associates (CA) Message Queuing buffer overflow
http://www.iss.net/security_center/static/32234.php

CVE
CVE-2007-0060
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0060