| VID |
23179 |
| Severity |
40 |
| Port |
1900,2200 |
| Protocol |
TCP |
| Class |
Daemon |
| Detailed Description |
The CA BrightStor ARCserve Backup LGServer has multiple vulnerabilities which exist in versions prior to 11.1.900. BrightStor ARCserve Backup is an enterprise class backup program for Microsoft Windows platforms. BrightStor ARCserve Backup for Laptops & Desktops Server versions r11.0 through r11.1 SP1 are vulnerable to multiple vulnerabilities in the LGSERVER.EXE process. A remote attacker could exploit these vulnerabilities to execute arbitrary code on the system with SYSTEM privileges, or to cause the server to crash.
* References:
http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp
http://archives.neohapsis.com/archives/bugtraq/2007-01/0683.html
http://archives.neohapsis.com/archives/bugtraq/2007-01/0684.html
http://archives.neohapsis.com/archives/bugtraq/2007-01/0686.html
http://archives.neohapsis.com/archives/bugtraq/2007-01/0687.html
http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0470.html
http://www.frsirt.com/english/advisories/2007/0314
http://secunia.com/advisories/23897/
* Platforms Affected:
Computer Associates, BrightStor ARCserve Backup for Laptops & Desktops, r11.1 SP1
Computer Associates, BrightStor ARCserve Backup for Laptops & Desktops, r11.1
Computer Associates, BrightStor ARCserve Backup for Laptops & Desktops, r11.0
Microsoft Windows Any version |
| Recommendation |
Apply the appropriate patch for your system, as described in the CA SupportConnect Web site at http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp |
| Related URL |
CVE-2007-0449,CVE-2007-0672,CVE-2007-0673 (CVE) |
| Related URL |
22199,22337,22339,22340,22342 (SecurityFocus) |
| Related URL |
32027,32028,32029,32031 (ISS) |
|
