DB: Ingres Database uuid_from_char Overflow
This signature detects attempts to exploit a known vulnerability in the Ingres Database. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server, typically root.
Extended Description
Ingress Database Server included in CA eTrust Secure Content Manager is prone to multiple remote vulnerabilities, including multiple stack- and heap-based buffer-overflow issues, multiple pointer-overwrite issues, and an arbitrary-file-overwrite issue. Successful exploits will allow attackers to completely compromise affected computers, including executing arbitrary code with SYSTEM-level privileges and truncating the 'alarkp.def' file.
Affected Products
Computer_associates etrust_secure_content_manager
Short Name
DB:INGRES-UUID_FROM_CHAR-OF
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
DB
Keywords
CVE-2007-3338 Database Ingres Overflow bid:24585 uuid_from_char
Release Date
04/14/2008
Supported Platforms
srx-branch-19.3
vsrx3bsd-19.2
srx-19.4
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
vsrx-19.2
srx-19.3
srx-branch-12.3
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx-12.3
vmx-19.3
srx-12.3
Sigpack Version
3339
Port
TCP/21064
False Positive
Unknown
Vendors
Computer_associates
Ingres_corporation
CVSS Score
10.0