| Name | CA.BrightStor.ARCserve.Tape.Engine.RPC.Code.Execution |
| Release Date | Jan 15, 2007 |
| Severity | Critical |
| Impact | Gain Access |
| Description | This indicates an attack attempt against a buffer-overflow vulnerability in Computer Associates BrightStor ARCserve Backup.
The vulnerability is due to the software's failure to properly handle specially crafted RPC requests to the Tape Engine. A remote attacker may exploit this to execute arbitrary code on the system with SYSTEM privileges. |
| Affected Products | CA BrightStor ARCserve Backup r11.5
CA BrightStor ARCserve Backup r11.1
CA BrightStor ARCserve Backup for Windows r11
CA BrightStor Enterprise Backup r10.5
CA BrightStor ARCserve Backup 9.01
CA Server Protection Suite r2
CA Business Protection Suite r2
CA Business Protection Suite for Microsoft Small Business Server Standard Edition r2
CA Business Protection Suite for Microsoft Small Business Server Premium Edition r2 |
| Recommended Actions | Apply the appropriate patch.
BrightStor ARCserve Backup r11.5 : https://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO84983
BrightStor ARCserve Backup r11.1 : https://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO84984
BrightStor ARCserve Backup for Windows r11 : https://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QI82917
BrightStor Enterprise Backup r10.5 : https://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO84986
BrightStor ARCserve Backup v9.01 : https://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO84985 |
| Common Vulnerabilities and Exposures (CVE) | http://cve.mitre.org/cgi-bin/cvename.cgi?name=2006-6917 |
| Reference/s | http://www.vupen.com/english/advisories/2007/0154 (FrSIRT) |