View my documents ()
 Home > Support > Global Security Advisor 

Vulnerability Detail

CA multiple products DBASVR server buffer overflow vulnerabilities

Date Discovered:
5 Oct 2006

Date Published:
6 Oct 2006

Last Updated:
20 Oct 2006

Threat Assessment

Overall Risk:  Medium
Popularity : Medium
Impact:  High
Simplicity:  Low

Characteristics

Vulnerability ID:  34693
Discovered By:  Pedram Amini

Exploitable Locally:  No
Exploitable Remotely:  Yes

Impact:  Remote attackers can execute arbitrary code.

Root Cause:  Software Vulnerability

Description
Recommendations
Affected Technologies
References
 

Description

CA multiple products DBASVR contain vulnerabilities that can allow remote attackers to execute arbitrary code. The vulnerability is due to an error in DBASVR.exe. An attacker can exploit this vulnerability to execute arbitrary code.

Back to top

Recommendations



-------------------------------------------------------------------------------
For: CA BrightStor ARCserve Backup - Client Agent r11, CA BrightStor ARCserve Backup - Client Agent r11.1, CA BrightStor ARCserve Backup - Client Agent r11.5, CA BrightStor ARCserve Backup - Client Agent r11.5 SP1, CA Brightstor ARCserve Backup (BAB) Client Agent r11.1 for Windows, CA Brightstor ARCserve Backup (BAB) r11.1 Windows, CA Brightstor ARCserve Backup 9.0 Windows (v9.01), CA Brightstor ARCserve Backup Client Agent v9.01 for Windows, CA BrightStor ARCserve Backup for Windows r11, CA BrightStor ARCserve Backup for Windows r11.1, CA BrightStor ARCserve Backup for Windows r11.5, CA BrightStor ARCserve Backup for Windows r11.5 SP1, CA Brightstor Enterprise Backup v10.5 for Windows, CA Protection Suites - Protection Suite Server r2 x86 32

Upgrade to the latest versions of BrightStor ARCserve Backup which will be available for download from http://supportconnect.ca.com



Solution Document Reference APARs: QO82860, QO82863, QO82917, QO82856, QO82858



The following are new fix releases:

NOTE: These fixes do not replace the original fixes. Both fixes (each release needs two fixes) need to be applied.



Solution Document Reference APARs: QO83306, QO83307, QO83308, QO83309

Back to top

Affected Technologies

Computer Associates: BrightStor ARCserve Backup (BAB) r11.1 Client Agent for Windows
Computer Associates: BrightStor ARCserve Backup (BAB) r11.1 Windows
Computer Associates: BrightStor ARCserve Backup v9.01 Client Agent for Windows
Computer Associates: CA BrightStor ARCserve Backup - Client Agent r11
Computer Associates: CA BrightStor ARCserve Backup - Client Agent r11.1
Computer Associates: CA BrightStor ARCserve Backup - Client Agent r11.5
Computer Associates: CA BrightStor ARCserve Backup - Client Agent r11.5 SP1
Computer Associates: CA Brightstor ARCserve Backup 9.01 (QO38491) Windows
Computer Associates: CA BrightStor ARCserve Backup for Windows r11
Computer Associates: CA BrightStor ARCserve Backup for Windows r11.1
Computer Associates: CA BrightStor ARCserve Backup for Windows r11.5
Computer Associates: CA BrightStor ARCserve Backup for Windows r11.5 SP1
Computer Associates: CA Brightstor Enterprise Backup v10.5 for Windows
Computer Associates: CA Protection Suites - Protection Suite Server r2 x86 32

Back to top

References

Computer Associates: basbr
Mitre CVE: CVE-2006-5143

Back to top

CA Global Security Advisor

Current threat condition: Low
Low
Documents and Tools
Find Threats
Viruses Spyware
Vulnerabilities All
 
 
Page Tools
ShareShare