Release DateDec 24, 2011 |
Severitycritical |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates a possible attack against a remote stack based Buffer Overflow vulnerability in Computer Associates BrightStor ARCserve Backup.The vulnerability is caused because the application fails to properly check the bounds of user-supplied data prior to copying it to an insufficiently sized buffer. A successful exploit will allow an attacker to execute arbitrary code with system level privileges. |
Affected ProductsComputer Associates BrightStor ARCserve Backup Laptop & Desktop 11.1Computer Associates BrightStor ARCserve Backup Laptop & Desktop 11.0 Computer Associates BrightStor ARCserve Backup Laptop & Desktop 11.1 SP1 |
Recommended ActionsPatch for BrightStor ARCserve Backup for Laptops and Desktops r11.1 SP1:http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO83833 Patch for BrightStor ARCserve Backup for Laptops and Desktops r11.0: http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QI85497 Patch for CA Desktop Management Suite r11.1: http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO85401 Patch for CA Desktop Management Suite r11.0: http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QI85423 Patch for BrightStor Mobile Backup r4.0: http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO85402 |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2007-0449 |
Reference/shttp://www.frsirt.com/english/advisories/2007/0314 (FrSIRT)http://www.securityfocus.com/bid/22342 (BugTraq) http://www.securityfocus.com/bid/22340 (BugTraq) |
