CA eTrust SCM Multiple HTTP Gateway Service Vulnerabilities

Summary
The host is installed with CA eTrust Secure Content Manager which is prone to arbitrary code execution and DoS Vulnerabilities.
Impact
Successful exploitation allow attackers to execute arbitrary code or compromise complete system under the system context or denying of service. Impact Level : System
Solution
Apply patch QO99987, https://support.ca.com/irj/portal/ano...s?reqPage=search&searchID=QO99987 ***** NOTE : Ignore this warning, if above mentioned patch is applied already. *****
Insight
The flaws are due to - boundary error in the HTTP Gateway service (icihttp.exe running on port 8080), when converting content of an FTP request listing from raw text to HTML. - insufficient bounds checking on certain FTP requests by sending a specially crafted FTP requests containing an overly long LIST/PASV commands that can cause stack-based buffer overflow.
Affected
CA eTrust Secure Content Manager version 8.0 - Windows (Any).
References