Security Notice for CA ARCserve Backup for Laptops and Desktops Server and CA Desktop Management Suite

Issued: April 03, 2008
Last Updated: June 25, 2008

CA's technical support is alerting customers to security risks in CA ARCserve Backup for Laptops and Desktops Server. Multiple vulnerabilities exist that can allow a remote attacker to execute arbitrary code or cause a denial of service condition. CA has issued updates to address the vulnerabilities.

The first issue, CVE-2008-1328, occurs due to insufficient bounds checking on command arguments by the LGServer service.

The second issue, CVE-2008-1329, occurs due to insufficient verification of file uploads by rxRPC.dll.

In most cases, an attacker can potentially gain complete control of an affected installation. Additionally, only a server installation of BrightStor ARCserve Backup for Laptops and Desktops is affected. The client installation is not affected.

Note: the previously published patches for CVE-2007-3216 and CVE-2007-5005 did not fully address some issues.

Risk Rating

High

Affected Products

CA ARCserve Backup for Laptops and Desktops r11.5
CA ARCserve Backup for Laptops and Desktops r11.1 SP2
CA ARCserve Backup for Laptops and Desktops r11.1 SP1
CA ARCserve Backup for Laptops and Desktops r11.1
CA ARCserve Backup for Laptops and Desktops r11.0
CA Desktop Management Suite 11.2 English
CA Desktop Management Suite 11.2 localized
CA Desktop Management Suite 11.1

How to determine if the installation is affected

For Windows:

  1. Using Windows Explorer, locate the file "rxRPC.dll". The file can be found in the following default locations:

    Product                                            Directory Path
    CA ARCserve Backup for Laptops and Desktops 11.5   C:\Program Files\CA\BrightStor ARCserve Backup for Laptops & Desktops\Explorer
    CA ARCserve Backup for Laptops and Desktops 11.1   C:\Program Files\CA\BrightStor ARCserve Backup for Laptops & Desktops\server
    CA Desktop Management Suite 11.2 English           C:\Program Files\CA\DSM\BABLD\MGUI
    CA Desktop Management Suite 11.2 localized         C:\Program Files\CA\DSM\BABLD\MGUI


  2. Right-click the file and select Properties.

  3. Select the General tab.

  4. If the file date is earlier than the date indicated in the table below, the installation is vulnerable.

    Product                                            File Name   File Date / Size
    CA ARCserve Backup for Laptops and Desktops 11.5   rxRPC.dll   February 18 2008 / 126976
    CA ARCserve Backup for Laptops and Desktops 11.1   rxRPC.dll   February 18 2008 / 114688
    CA Desktop Management Suite 11.2 English           rxRPC.dll   February 18 2008 / 126976
    CA Desktop Management Suite 11.2 localized         rxRPC.dll   February 18 2008 / 126976
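
The manual check above can be scripted for use across several servers. The following PowerShell is an added example, not code from CA or from the original notice; it assumes the default installation paths listed above and treats the "file date" as the file's last-modified time. The variable and function names are hypothetical.

```powershell
# Added example, not CA code. Paths, sizes and the date come from the notice's tables.
# Assumptions: default install paths; "file date" means the last-modified time.
$fixedDate = [datetime]'2008-02-18'

$targets = @(
    [pscustomobject]@{ Product = 'CA ARCserve Backup for Laptops and Desktops 11.5'
        Directory  = 'C:\Program Files\CA\BrightStor ARCserve Backup for Laptops & Desktops\Explorer'
        ListedSize = 126976 }
    [pscustomobject]@{ Product = 'CA ARCserve Backup for Laptops and Desktops 11.1'
        Directory  = 'C:\Program Files\CA\BrightStor ARCserve Backup for Laptops & Desktops\server'
        ListedSize = 114688 }
    [pscustomobject]@{ Product = 'CA Desktop Management Suite 11.2 (English or localized)'
        Directory  = 'C:\Program Files\CA\DSM\BABLD\MGUI'
        ListedSize = 126976 }
)

function Test-RxRpcDll {
    param(
        [Parameter(Mandatory = $true)] $Target,
        [Parameter(Mandatory = $true)] [datetime] $FixedDate
    )
    $path = Join-Path -Path $Target.Directory -ChildPath 'rxRPC.dll'
    $result = [pscustomobject]@{
        Product = $Target.Product; Path = $path; Status = 'rxRPC.dll not found'
        FileDate = $null; Size = $null; SizeMatchesListed = $null
    }
    # Not found: product absent, or installed to a non-default location.
    if (-not (Test-Path -LiteralPath $path -PathType Leaf)) { return $result }

    $file = Get-Item -LiteralPath $path
    # The notice's rule: a file date earlier than the listed date means vulnerable.
    $result.Status = if ($file.LastWriteTime.Date -lt $FixedDate) {
        'VULNERABLE: file date is earlier than the listed date'
    } else {
        'File date is not earlier than the listed date'
    }
    $result.FileDate = $file.LastWriteTime.ToString('yyyy-MM-dd')
    $result.Size = $file.Length
    # Informational only; the notice decides vulnerability by date, not size.
    $result.SizeMatchesListed = ($file.Length -eq $Target.ListedSize)
    return $result
}

$targets | ForEach-Object { Test-RxRpcDll -Target $_ -FixedDate $fixedDate } | Format-List
```

A "not found" result does not rule out an affected server installed to a non-default directory; locate rxRPC.dll manually in that case.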

Solution

CA has provided updates to address the vulnerabilities.

CA ARCserve Backup for Laptops and Desktops 11.1, 11.1 SP1, 11.2 SP2:
QO95512

CA ARCserve Backup for Laptops and Desktops 11.5:
QO95513

CA Desktop Management Suite 11.2 English:
QO95513

CA Desktop Management Suite 11.2 localized:
QO95513

CA Desktop Management Suite 11.1:
Upgrade to 11.1 C1.

CA ARCserve Backup for Laptops and Desktops 11.0:
Upgrade to ARCserve Backup for Laptops and Desktops version 11.1 and apply the latest patches.
QI85497

Workaround

None

References

CVE-2008-1328 - LGServer buffer overflow

CVE-2008-1329 - rxRPC.dll file overwrite

Acknowledgements

CVE-2008-1328 and CVE-2008-1329 - Dyon Balding of Secunia Research

Change History

Version 1.0: Initial Release

Version 1.1: Updated description, reference information

If additional information is required, please contact CA Technical Support at https://support.ca.com.

If you discover a vulnerability in CA products, please report your findings to vuln AT ca DOT com, or utilize our "Submit a Vulnerability" form at http://www.ca.com/us/services-support/ca-support/ca-support-online/product-content/recommended-reading/security-notices/contact-information-for-ca-product-vulnerability-response-team.html.
