Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:BD70771727006C71D068A5A06E296D8B
HistoryMay 27, 2008 - 12:00 a.m.

CA ARCserve Backup xdr_rwsstring buffer overflow

2008-05-2700:00:00
SAINT Corporation
download.saintcorporation.com
12

0.915 High

EPSS

Percentile

98.9%

JSON

Added: 05/27/2008
CVE: CVE-2008-2242
BID: 29283
OSVDB: 45368

Background

CA ARCserve Backup (formerly BrightStor ARCserve Backup) is a backup and recovery solution. It runs several services which use the SUN Remote Procedure Call (SUN-RPC) protocol. SUN-RPC messages are defined using the External Data Representation (XDR) standard.

Problem

A buffer overflow vulnerability in the **xdr_rwsstring** function allows remote attackers to execute arbitrary commands by sending specially crafted data of type SString to various SUN-RPC services.

Resolution

Apply one of the patches referenced in the CA Security Notice.

References

<http://www.zerodayinitiative.com/advisories/ZDI-08-026/&gt;

Limitations

Exploit works on CA ARCserve Backup 11.1 SP2 with patch KB933729 (rpcrt4.dll version 5.2.3790.4115) on Windows and 11.5 on Linux.

Platforms

Windows 2000
Windows Server 2003
Linux

Related

saint 7
cve 1
checkpoint_advisories 3
prion 1
zdi 1
securityvulns 3
nessus 1
seebug 1
saint
saint
CA ARCserve Backup xdr_rwsstring buffer overflow
2008-05-27 00:00:00
CA ARCserve Backup caloggerd opcode 79 buffer overflow
2008-05-30 00:00:00
CA ARCserve Backup xdr_rwsstring buffer overflow
2008-05-27 00:00:00
cve
cve
CVE-2008-2242
2008-05-21 13:24:00
checkpoint_advisories
checkpoint_advisories
CA BrightStor ARCserve Backup XDR Parsing Buffer Overflow (CVE-2008-2242)
2010-04-08 00:00:00
CA BrightStor ARCserve Backup caloggerd Opcode 79 Stack Buffer Overflow (CVE-2008-2242)
2009-12-13 00:00:00
Update Protection against CA BrightStor ARCserve Backup XDR Parsing Buffer Overflow Vulnerability
2008-07-08 00:00:00
prion
prion
Stack overflow
2008-05-21 13:24:00
zdi
zdi
CA BrightStor ARCserve Backup XDR Parsing Buffer Overflow Vulnerability
2008-05-19 00:00:00
securityvulns
securityvulns
ZDI-08-026: CA BrightStor ARCserve Backup Remote Buffer Overflow
2008-05-20 00:00:00
CA ARCserve Backup caloggerd and xdr Functions Vulnerabilities
2008-05-20 00:00:00
CA BrightStor ARCserve Backup multiple security vulnerabilities
2008-05-20 00:00:00
nessus
nessus
CA BrightStor ARCserve Backup Multiple Vulnerabilities (QO92996)
2008-05-22 00:00:00
seebug
seebug
CA ARCserve Backup caloggerd和xdr函数目录遍历及栈溢出漏洞
2008-05-21 00:00:00

0.915 High

EPSS

Percentile

98.9%

JSON
Related for SAINT:BD70771727006C71D068A5A06E296D8B
saint7cve1checkpoint_advisories3prion1zdi1securityvulns3nessus1seebug1