APP: InterSystems Cache 'UtilConfigHome.csp' Remote Stack Buffer Overflow
This signature detects attempts to exploit a known flaw in InterSystems Cache server. A successful attack could result in arbitrary code execution.
Extended Description
InterSystems Cache is prone to a remote stack-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer. An attacker can exploit this issue to execute arbitrary code in the context of the user running the application. Failed exploit attempts will result in denial-of-service conditions. InterSystems Cache 2009.1 is vulnerable; other versions may also be affected.
Affected Products
Intersystems cache
References
BugTraq: 37177
Short Name
APP:INTERSYSTEMS-CACHE-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
'UtilConfigHome.csp' Buffer Cache InterSystems Overflow Remote Stack bid:37177
Release Date
11/10/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Intersystems