| Name | CA.BrightStor.Discovery.Service.Mailslot.Buffer.Overflow |
| Release Date | Jan 21, 2010 |
| Severity | High |
| Impact | System Compromise |
| Description | This indicates an attack attempt against a buffer-overflow vulnerability in CA BrightStor ARCserve Backup.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted long message. It allows a remote attacker to execute arbitrary code. |
| Affected Products | Computer Associates Server Protection Suite r2
Computer Associates Business Protection Suite for Microsoft SBS Std Ed r2
Computer Associates Business Protection Suite for Microsoft SBS Pre ed r2
Computer Associates Business Protection Suite r2
Computer Associates BrightStor Enterprise Backup 10.5
Computer Associates BrightStor ARCServe Backup for Windows 11.0
Computer Associates BrightStor ARCServe Backup 11.5
Computer Associates BrightStor ARCServe Backup 11.1
Computer Associates BrightStor ARCServe Backup 9.01 |
| Recommended Actions | Apply the patch supplied by the vendor:
http://supportconnectw.ca.com/public/storage/infodocs/basbr-secnotice.asp |
| Common Vulnerabilities and Exposures (CVE) | http://cve.mitre.org/cgi-bin/cvename.cgi?name=2006-5142
|
| Reference/s | http://www.securityfocus.com/bid/20364 (BugTraq)
|