Short Name |
APP:INTERSYSTEMS-CACHE-OF |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
InterSystems Cache 'UtilConfigHome.csp' Remote Stack Buffer Overflow |
Release Date |
2011/11/09 |
Update Number |
2028 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known flaw in InterSystems Cache server. A successful attack could result in arbitrary code execution.
InterSystems Cache is prone to a remote stack-based buffer-overflow vulnerability because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer. An attacker can exploit this issue to execute arbitrary code in the context of the user running the application. Failed exploit attempts will result in denial-of-service conditions. InterSystems Cache 2009.1 is vulnerable; other versions may also be affected.