| VID |
23182 |
| Severity |
40 |
| Port |
41524 |
| Protocol |
UDP |
| Class |
Daemon |
| Detailed Description |
The BrightStor Backup Discovery Service, according to its version, is vulnerable to multiple vulnerabilities (QO86255). BrightStor ARCserve Backup is an enterprise class backup program and its Discovery Service listens for broadcast packets from other BrightStor servers on the local network to learn about their existence. Multiple Computer Associates (CA) BrightStor ARCserve Backup products are vulnerable to multiple vulnerabilities in the Message Engine RPC service and the Tape Engine service. By sending RPC requests with specially-crafted data to the affected system, an unauthenticated remote attacker could disable the service or execute arbitrary code on the system with SYSTEM privileges.
* References:
http://supportconnectw.ca.com/public/storage/infodocs/babtapeng-securitynotice.asp
http://archives.neohapsis.com/archives/fulldisclosure/2007-03/0205.html
http://www.frsirt.com/english/advisories/2006/4654
http://www.frsirt.com/english/advisories/2007/0971
http://www.frsirt.com/english/advisories/2007/0461
http://securitytracker.com/alerts/2006/Nov/1017268.html
http://securitytracker.com/alerts/2007/Mar/1017783.html
http://secunia.com/advisories/24009
http://secunia.com/advisories/24512
http://www.kb.cert.org/vuls/id/375353
http://www.kb.cert.org/vuls/id/437300
* Platforms Affected:
Computer Associates, BrightStor ARCserve Backup r11.1
Computer Associates, BrightStor ARCserve Backup r11.5
Computer Associates, BrightStor ARCserve Backup v9.01
Computer Associates, CA Business Protection Suite r2
Computer Associates, CA Business Protection Suite for MS Premium Edition r2
Computer Associates, CA Business Protection Suite for MS Standard Edition r2
Computer Associates, CA Server Protection Suite r2
Computer Associates, BrightStor ARCserve Backup for Windows r11
Computer Associates, BrightStor Enterprise Backup r10.5
Microsoft Windows Any version |
| Recommendation |
Apply the appropriate fix for your system (QO86255), available from the CA SupportConnect Web site at http://supportconnectw.ca.com/public/storage/infodocs/babtapeng-securitynotice.asp |
| Related URL |
CVE-2006-6076,CVE-2007-0816,CVE-2007-1447,CVE-2007-1448 (CVE) |
| Related URL |
21221,22365,22994 (SecurityFocus) |
| Related URL |
33017,30453,32137,33020 (ISS) |
|
