Redgate compare blocked by Cisco Security Agent

dwainewdwainew Posts: 59 Bronze 4
edited December 3, 2007 9:42AM in SQL Compare Previous Versions
We recently implemneted the "Cisco Security agent" for intranet security. Running SQL Compare resulted in the following log entry from CSA:

11/30/2007 1:21:10 PM: The process 'C:\Program Files\Red Gate\SQL Bundle 5\SQLCompare.exe' (as user USPHC\DW535ix) attempted to call the function CreateFileW("c:\windows\microsoft.net\framework\v1.1.4322\Config\machine.config") from a buffer (the return address was 0x52bdec). The code at this address is '50c64304 00f6031f 75308b46 08ff5008 50e83f45 3e7c8943 7458c643 0401833d' This either happens when a process uses self-modifying code or when a process has been subverted by a buffer overflow attack. The operation was denied and process terminated.


Any comments/suggestions?

Comments

  • Brian DonahueBrian Donahue Posts: 6,590 Bronze 1
    Hi Dwaine,

    As far as I know SQL Compare is not going to create or even read this file -- it would be more than likely that the .NET Framework is doing this internally and we have no control over it. Does it do this when launching any .NET application? (Data Compare, Packager, etc.)

    Another obvious possibility is that the file really is infected by a virus.
Sign In or Register to comment.