| VID |
23121 |
| Severity |
40 |
| Port |
6050 |
| Protocol |
TCP |
| Class |
UniversalAgent |
| Detailed Description |
The UniversalAgent service of BrightStor ARCserve Backup is vulnerable to a buffer overflow vulnerability. UniversalAgent is an agent used by BrightStor ARCserve/Enterprise to perform backups. BrightStor ARCserve/Enterprise Backup version r9.01, r10.0, r10.5, r11.0 and r11.1 running on Microsoft Windows are vulnerable to a buffer overflow vulnerability in the Backup UniversalAgent. By sending a specially-crafted packet to TCP port 6050, a remote attacker could execute arbitrary code on the affected host with SYSTEM-level privileges.
* References:
http://www.securityfocus.com/archive/1/395512
http://www.securitytracker.com/alerts/2005/Apr/1013677.html
http://www3.ca.com/Solutions/ProductFamily.asp?ID=115
http://xforce.iss.net/xforce/alerts/id/194
* Platforms Affected:
Computer Associates, Inc., BrightStor ARCserve Backup r9.01, r10.0, r10.5, r11.0, r11.1
Microsoft Windows Any version |
| Recommendation |
Apply the appropriate patch for your system, as listed in iDEFENSE Security Advisory 04.11.05 at http://www.idefense.com/application/poi/display?id=232&type=vulnerabilities&flashstatus=true |
| Related URL |
CVE-2005-1018 (CVE) |
| Related URL |
13102 (SecurityFocus) |
| Related URL |
20054 (ISS) |
|
