Security Notice for CA Secure Content Manager HTTP Gateway Service - CA Technologies
{{search ? 'Close':'Search'}}

Security Notice for CA Secure Content Manager HTTP Gateway Service

Issued: June 03, 2008

CA's customer support is alerting customers to security risks associated with CA Secure Content Manager. Multiple vulnerabilities exist in the HTTP Gateway service that can allow a remote attacker to cause a denial of service condition or execute arbitrary code. CA has issued a patch to address the vulnerabilities.

The vulnerabilities, CVE-2008-2541, occur due to insufficient bounds checking on certain FTP requests. An attacker can make a request that will cause the service to fail or allow the attacker to take privileged action on the system.

Risk Rating




Affected Products

CA Secure Content Manager r8

How to determine if the installation is affected


  1. Using a registry editor, determine if the following key exists:


  2. If the key does not exist, the installation is vulnerable


CA has issued the following patch to address the vulnerabilities.

CA Secure Content Manager r8:





CVE-2008-2541 - CA Secure Content Manager multiple FTP buffer overflows


CVE-2008-2541 - Sebastian Apelt working with ZDI/TippingPoint, Cody Pierce, TippingPoint DVLabs

Change History

Version 1.0: Initial Release

If additional information is required, please contact CA Technical Support at

If you discover a vulnerability in CA products, please report your findings to our product security response team.

Chat with CA

Just give us some brief information and we'll connect you to the right CA Expert.

Our hours of availability are 8AM - 5PM CST.

All Fields Required


We're matching your request.

Unfortunately, we can't connect you to an agent. If you are not automatically redirected please click here.

  • {{}} will be helping you today.

    View Profile

  • Transfered to {{}}

    {{}} joined the conversation

    {{}} left the conversation

  • Your chat with {{$storage.chatSession.messages[$index - 1]}} has ended.
    Thank you for your interest in CA.

    How Did We Do?
    Let us know how we did so that we can maintain a quality experience.

    Take Our Survey >

agent is typing