CA ARCserve Backup (formerly BrightStor ARCserve Backup) is a backup and recovery solution. The logger daemon (
**caloggerd**) is an RPC service which handles event logs.
A buffer overflow vulnerability in
**caloggerd** allows remote attackers to execute arbitrary commands by sending it a specially crafted request with opcode 79.
Apply one of the patches referenced in the CA Security Notice.
Exploit works on CA ARCserve Backup r11.1 SP2 with patch KB933729 (rpcrt4.dll version 5.2.3790.4115) on Windows, and CA ARCserve Backup r11.5 on Red Hat Enterprise Linux 4.
Windows Server 2003