Added: 05/27/2008
CVE: CVE-2008-2242
BID: 29283
OSVDB: 45368
CA ARCserve Backup (formerly BrightStor ARCserve Backup) is a backup and recovery solution. It runs several services which use the SUN Remote Procedure Call (SUN-RPC) protocol. SUN-RPC messages are defined using the External Data Representation (XDR) standard.
A buffer overflow vulnerability in the **xdr_rwsstring**
function allows remote attackers to execute arbitrary commands by sending specially crafted data of type SString to various SUN-RPC services.
Apply one of the patches referenced in the CA Security Notice.
<http://www.zerodayinitiative.com/advisories/ZDI-08-026/>
Exploit works on CA ARCserve Backup 11.1 SP2 with patch KB933729 (rpcrt4.dll version 5.2.3790.4115) on Windows and 11.5 on Linux.
Windows 2000
Windows Server 2003
Linux