Date Discovered: 15 Feb 2005
Date Published: 19 Feb 2005
Last Updated: 22 Aug 2005
Vulnerability ID: 32478 Discovered By: cybertronic
Exploitable Locally: No Exploitable Remotely: Yes
Impact: Remote attackers can execute arbitrary code.
Root Cause: Software Vulnerability
Computer Associates BrightStor ARCserve Backup contains a buffer overflow vulnerability that can allow remote attackers to execute arbitrary code. The vulnerability is due to improper bounds checking performed when processing received network traffic. Remote attackers can exploit the vulnerability by sending a large TCP packet to port 41523.
Back to top
-------------------------------------------------------------------------------For: BrightStor ARCServe Backup 9.0 Netware, BrightStor ARCserve Backup (BAB) r11.1 Windows, BrightStor ARCserve Backup 11 for Windows, BrightStor ARCServe Backup 11.1 NetWare, BrightStor ARCserve Backup 9.0 Windows (v9.01), BrightStor ARCserve Backup r11.1 for Windows 64, BrightStor Enterprise Backup 10.0, BrightStor Enterprise Backup v10.5 for WindowsApply the patches provided by the vendor:Computer Associates BrightStor ARCServe Backup for NetWare 9.0:http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO64541&startsearch=1 Computer Associates BrightStor ARCServe Backup for Windows 9.0.1:http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO64542&startsearch=1 Computer Associates BrightStor Enterprise Backup 10.0:http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO64544&startsearch=1 Computer Associates BrightStor Enterprise Backup 10.5:http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO64540&startsearch=1 Computer Associates BrightStor ARCServe Backup for Windows 11.0:http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO64539&startsearch=1 Computer Associates BrightStor ARCServe Backup for Windows 11.1:http://supportconnect.ca.com/sc/solcenter/sol_detail.jsp?aparno=QO64538&os=NT&returninput=0 Computer Associates BrightStor ARCServe Backup for Windows 64 bit 11.1:http://supportconnect.ca.com/sc/solcenter/sol_detail.jsp?aparno=QO64538&os=NT&returninput=0 Computer Associates BrightStor ARCServe Backup for NetWare 11.1:http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO64543&startsearch=1Vendor advisory:http://supportconnect.ca.com/sc/kb/problemdetail.jsp?productcd=AXWBAS&problemnbr=597&release=11.1&opsys=NT
Computer Associates: BrightStor ARCserve Backup (BAB) r11.1 WindowsComputer Associates: BrightStor ARCserve Backup 11 for WindowsComputer Associates: BrightStor ARCServe Backup 11.1 NetWareComputer Associates: BrightStor ARCserve Backup r11.1 (64-bit) for WindowsComputer Associates: CA BrightStor ARCServe Backup 9.0 Netware x86 32Computer Associates: CA Brightstor ARCserve Backup 9.01 (QO38491) WindowsComputer Associates: CA Brightstor Enterprise Backup 10.0Computer Associates: CA Brightstor Enterprise Backup v10.5 for Windows
Mitre CVE: CAN-2005-2535