CA.BrightStor.ARCServe.Backup.Laptops.Desktops.Buffer.Overflow

description-logoDescription

This indicates a possible attempt to exploit a buffer-overflow vulnerability in CA ARCserve Backup for Laptops and Desktops.
The vulnerability is located in the rxRPC.dll while handling overly long arguments to the rxsUseLicenseIni RPC Command. It may allow remote attackers to execute arbitrary code in the context of the application. Failed exploit attempts will likely cause the program to crash, resulting in a denial-of-service condition.

affected-products-logoAffected Products

Computer Associates BrightStor ARCserve Backup Laptop & Desktop 11.1
Computer Associates BrightStor ARCserve Backup Laptop & Desktop 11.0
Computer Associates BrightStor ARCserve Backup Laptop & Desktop 11.1 SP2
Computer Associates BrightStor ARCserve Backup Laptop & Desktop 11.1 SP1
Computer Associates BrightStor ARCserve Backup for Laptops and Desktop 11.5

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the patch, available from the web site:
CA ARCserve Backup for Laptops and Desktops (BMB) r4.0: QO91013
CA ARCserve Backup for Laptops and Desktops 11.1: QO91014
CA ARCserve Backup for Laptops and Desktops 11.5: QO91015

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)