Alias(es): BrightStor.ARCserve.UDP.Probe.Buffer.Overflow, BrightStor.ARCserve.Discovery.SERVICEPC.Buffer.Overflow.B, BrightStor.ARCserve.Discovery.SERVICEPC.Buffer.Overflow.A
Release Date: Sep 11, 2006
Severity: high
Impact: System compromise: remote code execution.
Description: This indicates an attempt to exploit a remote buffer overflow vulnerability in the Computer Associates BrightStor ARCServe Backup system. Computer Associates BrightStor ARCServe Backup provides backup and restore protection for various server platforms and client systems. A remote buffer overflow vulnerability has been reported in it that may allow an attacker to execute arbitrary code on the affected system. The cause is that the application's discovery process fails to bounds-check broadcast UDP messages from other backup servers. To exploit this, an attacker may send UDP packets of more than 967 bytes, which overflow buffers on vulnerable systems and execute arbitrary code with system privileges.
Affected Products:
- BrightStor ARCserve 2000
- BrightStor ARCserve Backup 11.x
- BrightStor ARCserve Backup 11.x (for Windows)
- BrightStor ARCserve Backup 9.x
- BrightStor Enterprise Backup 10.x
Recommended Actions: Apply updates from the following links:
- BrightStor ARCserve Backup r11.1 for Windows: http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO62769
- BrightStor ARCserve Backup r11.0 for Windows: http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO62768
- BrightStor Enterprise Backup v10.5 for Windows: http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO62770
- BrightStor Enterprise Backup v10.0 for Windows: http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO62771
- BrightStor ARCserve Backup v9.01 for Windows: http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO62767
- BrightStor ARCserve Backup r11.1 for Windows (64 Bit Edition): http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO62990
- BrightStor ARCserve Backup r11.0 for Windows (64 Bit Edition): http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO62989
- BrightStor Enterprise Backup v10.5 for Windows (64 Bit Edition): http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO62991
- BrightStor ARCserve Backup v9.01 for Windows (64 Bit Edition): http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO62987
- BrightStor ARCserve 2000 Backup for Windows (Japanese Only): http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO62766
- BrightStor ARCserve Backup r11.1 for NetWare: http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO62936
- BrightStor ARCserve Backup v9 for NetWare: http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO62772
Coverage: IPS, VCM
Common Vulnerabilities and Exposures (CVE): CVE-2005-2535, CVE-2005-0260
References:
- http://www.securityfocus.com/bid/12536 (BugTraq)
- http://www.securityfocus.com/bid/12491 (BugTraq)