Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
APP:BORLAND:STARTEAM-MPX-OF |
|---|---|
Severity |
Major |
Recommended |
No |
Category |
APP |
Keywords |
Borland StarTeam MPX Overflow |
Release Date |
2012/11/15 |
Update Number |
2203 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
APP: Borland StarTeam MPX Overflow
This signature detects attempts to exploit several known issues in Borland's StarTeam MPX server. A successful attack could result in arbitrary code execution or a denial of service.
Extended Description
Borland StarTeam is prone to multiple issues, including multiple integer-overflow vulnerabilities, a heap-overflow vulnerability, and a denial-of-service vulnerability. Successfully exploiting these issues allows remote attackers to execute arbitrary machine code in the context of vulnerable server processes. These issues may facilitate the remote compromise of affected computers. Attackers may also trigger denial-of-service conditions. NOTE: The StarTeam MPX vulnerabilities may actually be related to a TIBCO SmartSocket DLL, but this has not been confirmed. We may update this BID as more information emerges. Borland StarTeam Server 2008 and MPX products are vulnerable to these issues; other versions may also be affected.
Affected Products
- Borland starteam_2008 10.0.0.57
- Borland starteam_mpx 6.7
References
- BugTraq: 28080