View my documents ()
 Home > Support > Global Security Advisor 

Vulnerability Detail

CA BrightStor ARCserve Backup Tape Engine buffer overflow vulnerability

Date Discovered:
21 Nov 2006

Date Published:
7 Dec 2006

Last Updated:
3 Apr 2007

Threat Assessment

Overall Risk:  Medium
Popularity : Medium
Impact:  High
Simplicity:  Low

Characteristics

Vulnerability ID:  34817
Discovered By:  Anonymous

Exploitable Locally:  No
Exploitable Remotely:  Yes

Impact:  A remote attacker can execute arbitrary code with SYSTEM privileges.

Root Cause:  Software Vulnerability

Description
Recommendations
Affected Technologies
References
 

Description

CA Brightstor ARCserve Backup contains a vulnerability that can allow a remote attacker to execute arbitrary code with SYSTEM privileges. The vulnerability is due to improper bounds checking by the Tape Engine. An attacker can send specially crafted RPC request to TCP port 6502 to execute arbitrary code with SYSTEM privileges.

Back to top

Recommendations



-------------------------------------------------------------------------------
For: CA Brightstor ARCserve Backup Client Agent v9.01 for Windows, CA BrightStor ARCserve Backup for Windows r11, CA BrightStor ARCserve Backup for Windows r11.1, CA BrightStor ARCserve Backup for Windows r11.5, CA Brightstor Enterprise Backup v10.5 for Windows, CA Protection Suites - Protection Suite Server r2 x86 32

Please download and apply the Fixes from the following link:

http://supportconnectw.ca.com/public/storage/infodocs/babtapeng-securitynotice.asp

-------------------------------------------------------------------------------
For: CA Brightstor ARCserve Backup Client Agent v9.01 for Windows, CA BrightStor ARCserve Backup for Windows r11, CA BrightStor ARCserve Backup for Windows r11.1, CA BrightStor ARCserve Backup for Windows r11.5, CA Brightstor Enterprise Backup v10.5 for Windows, CA Protection Suites - Protection Suite Server r2 x86 32

Please restrict unauthorized access to ports 6502 (TCP) and 111 (UDP).

-------------------------------------------------------------------------------
For: CA Brightstor ARCserve Backup Client Agent v9.01 for Windows, CA BrightStor ARCserve Backup for Windows r11, CA BrightStor ARCserve Backup for Windows r11.1, CA BrightStor ARCserve Backup for Windows r11.5, CA Brightstor Enterprise Backup v10.5 for Windows, CA Protection Suites - Protection Suite Server r2 x86 32

Please download and apply the Fixes from the following link: http://supportconnectw.ca.com/public/storage/infodocs/babimpsec-notice.asp

Back to top

Affected Technologies

Computer Associates: BrightStor ARCserve Backup v9.01 Client Agent for Windows
Computer Associates: CA BrightStor ARCserve Backup for Windows r11
Computer Associates: CA BrightStor ARCserve Backup for Windows r11.1
Computer Associates: CA BrightStor ARCserve Backup for Windows r11.5
Computer Associates: CA Brightstor Enterprise Backup v10.5 for Windows
Computer Associates: CA Protection Suites - Protection Suite Server r2 x86 32

Back to top

References

CA: babimpsec-notice
CA: babtapeng-security
Mitre CVE: CVE-2006-6076

Back to top

CA Global Security Advisor

Current threat condition: Low
Low
Documents and Tools
Find Threats
Viruses Spyware
Vulnerabilities All
 
 
Page Tools
ShareShare