APP: Borland StarTeam MPX Overflow
This signature detects attempts to exploit several known issues in Borland's StarTeam MPX server. A successful attack could result in arbitrary code execution or a denial of service.
Extended Description
Borland StarTeam is prone to multiple issues, including multiple integer-overflow vulnerabilities, a heap-overflow vulnerability, and a denial-of-service vulnerability. Successfully exploiting these issues allows remote attackers to execute arbitrary machine code in the context of vulnerable server processes. These issues may facilitate the remote compromise of affected computers. Attackers may also trigger denial-of-service conditions. NOTE: The StarTeam MPX vulnerabilities may actually be related to a TIBCO SmartSocket DLL, but this has not been confirmed. We may update this BID as more information emerges. Borland StarTeam Server 2008 and MPX products are vulnerable to these issues; other versions may also be affected.
Affected Products
Borland starteam_mpx
References
BugTraq: 28080
Short Name
APP:BORLAND:STARTEAM-MPX-OF
Severity
Major
Recommended
False
Recommended Action
None
Category
APP
Keywords
Borland MPX Overflow StarTeam bid:28080
Release Date
11/15/2012
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
Port
tcp/5101
False Positive
Unknown
Vendors
Borland