Vulnerability Detail

CA BrightStor ARCserve Backup Message Engine buffer overflow vulnerability

Date Discovered:
11 Jan 2006

Date Published:
12 Jan 2007

Last Updated:
3 Apr 2007

Threat Assessment

Overall Risk: Medium

Popularity : Medium

Impact: High

Simplicity: Low

Characteristics

Vulnerability ID: 34958
Discovered By: Anonymous

Exploitable Locally: No
Exploitable Remotely: Yes

Impact: A remote attacker can execute arbitrary code.

Root Cause: Software Vulnerability

Description

Recommendations

Affected Technologies

References

Description

CA BrightStor ARCserve Backup contains a vulnerability that can allow a remote attacker to execute arbitrary code. The vulnerability is due to buffer overflow in the handler for RPC opnum 0xCF. An attacker can send specially crafted RPC request data for opnums 0x2F and 0x75 in the Message Engine RPC service or opnum 0xCF in order to execute arbitrary code.

Recommendations

Affected Technologies

Computer Associates: BrightStor ARCserve Backup v9.01 Client Agent for Windows
Computer Associates: CA BrightStor ARCserve Backup for Windows r11
Computer Associates: CA BrightStor ARCserve Backup for Windows r11.1
Computer Associates: CA BrightStor ARCserve Backup for Windows r11.5
Computer Associates: CA Brightstor Enterprise Backup v10.5 for Windows
Computer Associates: CA Protection Suites - Protection Suite Server r2 x86 32

References

Computer Associates: babimpsec-notice
Mitre CVE: CVE-2007-0169

CA Global Security Advisor

Current threat condition: Low

Documents and Tools

Find Threats

Viruses Spyware
Vulnerabilities All

Page Tools