Signature Detail
Short Name |
APP:INTERSYSTEMS-CACHE-OF |
|---|---|
Severity |
High |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
APP |
Keywords |
InterSystems Cache 'UtilConfigHome.csp' Remote Stack Buffer Overflow |
Release Date |
2011/11/09 |
Update Number |
2028 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: InterSystems Cache 'UtilConfigHome.csp' Remote Stack Buffer Overflow
This signature detects attempts to exploit a known flaw in InterSystems Cache server. A successful attack could result in arbitrary code execution.
Extended Description
InterSystems Cache is prone to a remote stack-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer. An attacker can exploit this issue to execute arbitrary code in the context of the user running the application. Failed exploit attempts will result in denial-of-service conditions. InterSystems Cache 2009.1 is vulnerable; other versions may also be affected.
Affected Products
- InterSystems Cache 2009.1
- InterSystems Cache 2009.1.1
- InterSystems Cache 2009.1.2
References
- BugTraq: 37177