|
|
>> CA BrightStor ARCserve Backup Multiple Code Execution Vulnerabilities
|
Multiple vulnerabilities have been identified in various CA products, which could be exploited by attackers to bypass security restrictions, cause a denial of service, or take complete control of an affected system.
The first issue is caused by buffer overflow errors in various components ("AScore.dll", "rpcx.dll", Message and RPC Engines) when processing malformed requests, which could be exploited by remote attackers to execute arbitrary code.
The second vulnerability is caused due to privileged functions being available for use without proper authorization, which could be exploited by attackers to execute arbitrary code.
The third issue is caused by memory corruption errors in the RPC, lqserver, mediasvr and caloggerd services when processing malformed requests, which could be exploited by remote attackers to crash an affected application or compromise a vulnerable system.
Affected Products
CA BrightStor ARCserve Backup r11.5
CA BrightStor ARCserve Backup r11.1
CA BrightStor ARCserve Backup r11 for Windows
CA BrightStor Enterprise Backup r10.5
CA BrightStor ARCserve Backup v9.01
CA Server Protection Suite r2
CA Business Protection Suite r2
CA Business Protection Suite for MS Small Business Server Standard Edition r2
CA Business Protection Suite for MS Small Business Server Premium Edition r2
Solution
CA BrightStor ARCserve Backup r11.5 - Apply patch QO91094 :
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO91094
CA BrightStor ARCserve Backup r11.1 - Apply patch QO91097 :
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO91097
CA BrightStor ARCserve Backup r11.0 - Upgrade to 11.1 and apply the latest patches.
CA BrightStor Enterprise Backup r10.5 - Upgrade to 11.5 and apply the latest patches.
CA BrightStor ARCserve Backup v9.01 - Apply patch QO91098 :
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO91098
CA Protection Suites r2 - Apply patch QO91094 :
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO91094
References
http://www.vupen.com/english/advisories/2007/3470
http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp
Credits
Vulnerabilities reported by VeriSign iDefense Labs, Dyon Balding (Secunia Research), cocoruder (Fortinet Security Research Team), Tenable Network Security, Pedram Amini (DV Labs), Dyon Balding (Secunia Research), eEye Digital Security and shirkdog.
ChangeLog
2007-10-11 : Initial release
Vulnerability Management
Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.
Feedback
If you have additional information or corrections for this security advisory please submit them via our contact form. | |
|
