| VID |
23178 |
| Severity |
40 |
| Port |
41524 |
| Protocol |
UDP |
| Class |
Daemon |
| Detailed Description |
The BrightStor Backup Discovery Service, according to its version, is vulnerable to multiple buffer overflow vulnerabilities. BrightStor ARCserve Backup is an enterprise class backup program and its Discovery Service listens for broadcast packets from other BrightStor servers on the local network to learn about their existence. Multiple Computer Associates (CA) BrightStor ARCserve Backup products could allow a remote attacker to execute arbitrary code, caused by multiple buffer overflows in the Message Engine RPC service and the Tape Engine service. By sending RPC requests with specially-crafted data to the affected system, an unauthenticated remote attacker could execute arbitrary code on the system with SYSTEM privileges.
* References:
http://supportconnectw.ca.com/public/storage/infodocs/babimpsec-notice.asp
http://supportconnectw.ca.com/public/storage/infodocs/basbrtapeeng-secnotice.asp
http://www3.ca.com/solutions/Product.aspx?ID=4536
http://www.lssec.com/advisories/LS-20060908.pdf
http://www.lssec.com/advisories/LS-20061001.pdf
http://www.kb.cert.org/vuls/id/437300
http://www.securityfocus.com/archive/1/456711/30/0/threaded
http://www.zerodayinitiative.com/advisories/ZDI-07-004.html
* Platforms Affected:
Computer Associates, BrightStor ARCserve Backup r11.1
Computer Associates, BrightStor ARCserve Backup r11.5
Computer Associates, BrightStor ARCserve Backup v9.01
Computer Associates, CA Business Protection Suite r2
Computer Associates, CA Business Protection Suite for MS Premium Edition r2
Computer Associates, CA Business Protection Suite for MS Standard Edition r2
Computer Associates, CA Server Protection Suite r2
Computer Associates, BrightStor ARCserve Backup for Windows r11
Computer Associates, BrightStor Enterprise Backup r10.5
Microsoft Windows Any version |
| Recommendation |
Apply the appropriate fix for your system (QO84983, QO84984, QI82917, QO84986, or QO84985), available from the CA SupportConnect Web site at http://supportconnectw.ca.com/public/storage/infodocs/babimpsec-notice.asp |
| Related URL |
CVE-2006-5171,CVE-2006-5172,CVE-2006-6076,CVE-2006-6917,CVE-2007-0168,CVE-2007-0169 (CVE) |
| Related URL |
21221,22005,22006,22010,22015,22016 (SecurityFocus) |
| Related URL |
29343,29344,31433,30453 (ISS) |
|
