Short Name |
HTTP:CA-XOSOFT-XOSOAP |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Computer Associates XOsoft xosoapapi.asmx Buffer Overflow |
Release Date |
2010/10/25 |
Update Number |
1798 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known buffer overflow vulnerability in CA XOsoft Multiple Products. It is due to insufficient boundary checking when handling certain HTTP requests sent to the ws_man.exe process. A remote unauthenticated attacker can exploit this by sending a malicious HTTP request to a target server. In a successful attack, where arbitrary code is injected and executed on the vulnerable target host, the behavior of the target system is dependent on the malicious code. Note that any code executed by the attacker runs with the privileges of the service. In an unsuccessful attack, the application can terminate abnormally.
Computer Associates XOsoft is prone to multiple buffer-overflow vulnerabilities because the application fails to perform adequate boundary-checks on user-supplied data. An attacker can exploit these issues to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.