Threat Encyclopedia

CA.BrightStor.ARCserve.Backup.XDR.Parsing.Buffer.Overflow

description-logoDescription

This indicates an attempt to exploit a buffer-overflow vulnerability in BrightStor ARCServe Backup running under Linux.
The vulnerability is caused by a username parameter length-check error in libas6script.so. It allows a remote attacker to execute arbitrary code on the victim's system by sending an excessively long username parameter.

affected-products-logoAffected Products

CA BrightStor ARCServe Backup 11.0
CA BrightStor ARCServe Backup 11.1
CA BrightStor ARCServe Backup 11.5

Impact

System compromise: Remote code execution.

recomended-action-logoRecommended Actions

Apply the latest update from the vendor.

CVE References

CVE-2008-2242