Lucene search

K
saintSAINT CorporationSAINT:99268F91F9C46E515744603668E929C1
HistoryJan 24, 2007 - 12:00 a.m.

BrightStor ARCserve Message Engine opnum 0x75 buffer overflow

2007-01-2400:00:00
SAINT Corporation
download.saintcorporation.com
8

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.943 High

EPSS

Percentile

99.2%

Added: 01/24/2007
CVE: CVE-2007-0169
BID: 22005
OSVDB: 31318

Background

The BrightStor ARCserve Backup server runs the Message Engine RPC service on ports 6503/TCP and 6504/TCP by default.

Problem

A buffer overflow in BrightStor ARCserve Backup allows remote attackers to execute arbitrary commands by sending a specially crafted request with opnum 0x75 to the Message Engine RPC service.

Resolution

Apply the patch referenced in the Security Notice.

References

<http://www.zerodayinitiative.com/advisories/ZDI-07-003.html&gt;
<http://www.kb.cert.org/vuls/id/180336&gt;

Limitations

Exploit works on BrightStor ARCserve Backup r11.5 SP2.

Platforms

Windows 2000
Windows Server 2003

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.943 High

EPSS

Percentile

99.2%