Security Notice for CA ARCserve Backup - CA Technologies
{{search ? 'Close':'Search'}}

Important Security Notice for
CA ARCserve Backup

December 08, 2006

CA's Technical Support is alerting customers to a security risk associated with the CA ARCserve Backup. Researchers at Assurent ( detected an exploitable problem and reported the vulnerability to CA. We have been working with them to understand the nature of the problem and to make certain that the provided remedy addresses the problem.

CA has confirmed the presence of this vulnerability and has completed development of the update that provides protection against it. Upon completion of quality assurance testing, the update will be released and made available to CA customers on December 7, 2006.

This vulnerability involves an overflow condition that can allow arbitrary code to be executed remotely with local SYSTEM privileges on Windows. This issue affects the BrightStor Backup Discovery Service in multiple CA ARCserve Backup application agents and the Base product.

Customers with vulnerable versions of the CA ARCserve Backup products should upgrade to the latest versions which will be available for download from on or before December 7.

Affected products:

BrightStor Products
  CA ARCserve Backup r11.5 SP1 and below (SP2 does not have this vulnerability please apply 11.5 sp2)
CA ARCserve Backup r11.1
CA ARCserve Backup for Windows r11
BrightStor Enterprise Backup r10.5
CA ARCserve Backup v9.01
CA Protection Suites r2
  CA Server Protection Suite r2
CA Business Protection Suite r2
CA Business Protection Suite for Microsoft Small Business Server Standard Edition r2
CA Business Protection Suite for Microsoft Small Business Server Premium Edition r2

Affected platforms:


Prerequisite conditions for the vulnerability to be exploitable :


Fixes to apply:

BAB r11.5 sp2 – SP2 does not contain the vulnerability, there is no fix to apply.
BAB r11.5 sp1 and below - QO81201
BAB r11.1 - QO84609
BAB r11.0 - QI82917
BEB r10.5 - QO84611
BAB v9.01 - QO84610

Should you require additional information, please contact CA Technical Support at

Chat with CA

Just give us some brief information and we'll connect you to the right CA Expert.

Our hours of availability are 8AM - 5PM CST.

All Fields Required


We're matching your request.

Unfortunately, we can't connect you to an agent. If you are not automatically redirected please click here.

  • {{}} will be helping you today.

    View Profile

  • Transfered to {{}}

    {{}} joined the conversation

    {{}} left the conversation

  • Your chat with {{$storage.chatSession.messages[$index - 1]}} has ended.
    Thank you for your interest in CA.

    How Did We Do?
    Let us know how we did so that we can maintain a quality experience.

    Take Our Survey >

agent is typing