Vulnerability Detail

CA BrightStor ARCserve Backup for Laptops and Desktops lgserver multiple overflow vulnerabilities

Date Discovered:
23 Jan 2007

Date Published:
24 Jan 2007

Last Updated:
3 Apr 2007

Threat Assessment

Overall Risk: Medium

Popularity : Medium

Impact: High

Simplicity: Medium

Characteristics

Vulnerability ID: 34993
Discovered By: Anonymous

Exploitable Locally: No
Exploitable Remotely: Yes

Impact: Remote attackers can cause a denial of service condition or execute arbitrary code.

Root Cause: Software Vulnerability

Description

Recommendations

Affected Technologies

References

Description

CA BrightStor ARCserve Backup for Laptops and Desktops contains multiple vulnerabilities that can allow remote attackers to cause a denial of service condition or execute arbitrary code. These vulnerabilities are due to improper handling of packets by lgserver.exe. Attackers can send specially crafted packets to cause a denial of service condition or execute arbitrary code.

Recommendations

Affected Technologies

Computer Associates: CA BrightStor ARCserve Backup for Laptops & Desktops - Server r11.0
Computer Associates: CA BrightStor ARCserve Backup for Laptops & Desktops - Server r11.1
Computer Associates: CA BrightStor ARCserve Backup for Laptops & Desktops - Server r11.1 SP1 x86 32 EN
Computer Associates: CA BrightStor Mobile Backup - AdminGui 4
Computer Associates: CA Desktop Management Suite r11 (build 11.0.8049) x86 32
Computer Associates: CA Protection Suites - Desktop Control Center r2 x86 32
Computer Associates: CA Protection Suites - Protection Suite Server r2 x86 32
Computer Associates: CA Unicenter DMS Manager - Backup Manager r11.1 (build 11.1.8124) x86 32

References

Computer Associates: babldimpsec-notice
Mitre CVE: CVE-2007-0449

CA Global Security Advisor

Current threat condition: Low

Documents and Tools

Find Threats

Viruses Spyware
Vulnerabilities All

Page Tools