CA.BrightStor.ARCserve.Backup.XDR.Parsing.Buffer.Overflow
Description
This indicates an attempt to exploit a buffer-overflow vulnerability in BrightStor ARCServe Backup running under Linux.
The vulnerability is caused by a username parameter length-check error in libas6script.so. It allows a remote attacker to execute arbitrary code on the victim's system by sending an excessively long username parameter.
Affected Products
CA BrightStor ARCServe Backup 11.0
CA BrightStor ARCServe Backup 11.1
CA BrightStor ARCServe Backup 11.5
Impact
System compromise: Remote code execution.
Recommended Actions
Apply the latest update from the vendor.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |