APP: Computer Associates Products Message Engine RPC Server Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the Computer Associates Products Message Engine. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the service.
Extended Description
Multiple Computer Associates products are prone to multiple buffer-overflow vulnerabilities because the applications using an affected library fail to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer. Exploiting these issues allows attackers to execute arbitrary machine code within the context of the affected application.
Affected Products
Computer_associates server_protection_suite
Short Name
APP:CA:RPC-MSG-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
Associates Buffer CVE-2006-5143 CVE-2007-0169 CVE-2009-1761 Computer Engine Message Overflow Products RPC Server bid:20365 bid:22005 bid:35396
Release Date
10/31/2006
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3724
False Positive
Unknown
Vendors
Computer_associates
CVSS Score
7.5
5.0