BlackICE Server Protection, BlackICE PC Protection, RealSecure Server Sensor, RealSecure Network, IBM Security Server Protection for Windows, Proventia Network MFS, Proventia-G 1.1 and earlier, Proventia Network IDS, Proventia Network IPS, Proventia Desktop, RealSecure Desktop, Virtual Server Protection for Vmware, Proventia Server IPS for Linux technology:
This signature detects attempts to exploit a possible buffer overflow in a particular systems management application by specifying a user-defined string length which is longer than the receiving buffer on the stack.
BlackICE Server Protection, BlackICE PC Protection, RealSecure Server Sensor, RealSecure Network, IBM Security Server Protection for Windows, Proventia Network MFS, Proventia-G 1.1 and earlier, Proventia Network IDS, Proventia Network IPS, Proventia Desktop, RealSecure Desktop, Virtual Server Protection for Vmware, Proventia Server IPS for Linux technology: This traffic cannot be positively identified. You must correlate this event with system vulnerability information to confirm malicious intentions.
High
BlackICE Server Protection: 3.6.cqc, BlackICE PC Protection: 3.6cqc, RealSecure Server Sensor: XPU 24.57, RealSecure Network: XPU 24.57, IBM Security Server Protection for Windows: 2.1.14.2400, IBM Security Server Protection for Windows: 1.0.914.1970, Proventia Network MFS: XPU 1.96, Proventia-G 1.1 and earlier: XPU 24.57, Proventia Network IDS: XPU 24.57, Proventia Network IPS: XPU 1.96, Proventia Desktop: 1970, RealSecure Desktop: eqc, Virtual Server Protection for Vmware: 1.0, Proventia Server IPS for Linux technology: 1.96
CA Unicenter TNG: 2.1, CA Unicenter TNG: 2.4, CA Unicenter TNG: 2.4.2, CA Unicenter Remote Control: 6.0, CA Unicenter Asset Management: 4.0, CA Advantage Data Transport: 3.0, CA BrightStor SAN Manager: 11.1, CA BrightStor Portal: 11.1, CA CleverPath OLAP: 5.1, CA CleverPath ECM: 3.5, CA CleverPath Predictive Analysis Server: 2.0, CA CleverPath Predictive Analysis Server: 3.0, CA CleverPath Aion: 10.0, CA eTrust Admin: 2.01, CA eTrust Admin: 2.04, CA eTrust Admin: 2.07, CA eTrust Admin: 2.09, CA eTrust Admin: 8.0, CA eTrust Admin: 8.1, CA Unicenter Application Performance Monitor: 3.0, CA Unicenter Application Performance Monitor: 3.5, CA Unicenter Asset Management: 3.1, CA Unicenter Asset Management: 3.2, CA Unicenter Asset Management: 3.2 SP1, CA Unicenter Asset Management: 3.2 SP2, CA Unicenter Asset Management: 4.0 SP1, CA Unicenter Data Transport Option: 2.0, CA Unicenter Enterprise Job Manager: 1.0 SP1, CA Unicenter Enterprise Job Manager: 1.0 SP2, CA Unicenter Jasmine: 3.0, CA Unicenter Management WebSphere MQ: 3.5, CA Unicenter Management Microsoft Exchange: 4.0, CA Unicenter Management Microsoft Exchange: 4.1, CA Unicenter Management Lotus Note Domino: 4.0, CA Unicenter Management Web Servers: 5, CA Unicenter Management Web Servers: 5.0.1, CA Unicenter NSM: 3.0, CA Unicenter NSM: 3.1, CA Unicenter NSM Wireless Network Management Option: 3.0, CA Unicenter Remote Control: 6.0 SP1, CA Unicenter Service Level Management: 3.0, CA Unicenter Software Delivery: 3.1 SP1, CA Unicenter Software Delivery: 3.1 SP2, CA Unicenter Software Delivery: 4.0, CA Unicenter Software Delivery: 4.0 SP1, CA Unicenter TNG JPN: 2.2, CA Unicenter Service Level Management: 3.0.2, CA Unicenter Service Level Management: 3.5, CA Unicenter Software Delivery: 3.0, CA Unicenter Software Delivery: 3.1, CA BrightStor SAN Manager: 11.5, CA Unicenter TNG: 2.2, CA Unicenter Service Level Management: 3.0.1
Unauthorized Access Attempt
The CA Message Queuing server (CAM/CAFT), included in various Computer Associates products, is vulnerable to a stack-based buffer overflow. By sending a specially-crafted request to TCP port 3104, a remote attacker could overflow a buffer and execute arbitrary code on the system with SYSTEM privileges.
Refer to the CA SupportConnect document dated July 24th, 2007, "Security Notice for CA Message Queuing (CAM / CAFT) vulnerability", for patch, upgrade, or suggested workaround information. See References.
CA SupportConnect July 24th, 2007
Security Notice for CA Message Queuing (CAM / CAFT) vulnerability
http://supportconnectw.ca.com/public/dto_transportit/infodocs/camsgquevul-secnot.asp
IBM Internet Security Systems Protection Advisory July 24, 2007
CA Message Queuing Server (Cam.exe) Overflow
http://www.iss.net/threats/272.html
ISS X-Force
Computer Associates (CA) Message Queuing buffer overflow
http://www.iss.net/security_center/static/32234.php
CVE
CVE-2007-0060
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0060