CA ARCserve Backup (formerly BrightStor ARCserve Backup) is a backup and recovery solution. It runs several services which use the SUN Remote Procedure Call (SUN-RPC) protocol. SUN-RPC messages are defined using the External Data Representation (XDR) standard.
A buffer overflow vulnerability in the **xdr_rwsstring** function allows remote attackers to execute arbitrary commands by sending specially crafted data of type SString to various SUN-RPC services.
Apply one of the patches referenced in the CA Security Notice.
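The page does not show the internals of xdr_rwsstring or the layout of SString, so the following is an added example (not CA's code) of a bounds-checked decoder for the standard XDR string type from RFC 4506, the kind of length validation that prevents this class of overflow. The function name, error codes and sample messages are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum { XDR_OK = 0, XDR_ETRUNC = -1, XDR_ETOOBIG = -2 };

/* Constructed sample messages (not captured traffic). */
static const uint8_t SAMPLE_OK[]    = {0,0,0,5, 'h','e','l','l','o', 0,0,0};
static const uint8_t SAMPLE_BIG[]   = {0,0,4,0, 'A','A','A','A'}; /* claims 1024 */
static const uint8_t SAMPLE_TRUNC[] = {0,0,0,8, 'a','b'};         /* claims 8, has 2 */

/* Decode one XDR string (RFC 4506: 4-byte big-endian length, data, zero
 * padding to a 4-byte boundary) into a fixed-size buffer. The length is
 * peer-controlled, so it is checked against the destination capacity and
 * the bytes actually received before anything is copied. */
static int xdr_get_string(const uint8_t *in, size_t inlen,
                          char *out, size_t outcap, size_t *consumed)
{
    if (inlen < 4)
        return XDR_ETRUNC;
    uint32_t n = ((uint32_t)in[0] << 24) | ((uint32_t)in[1] << 16) |
                 ((uint32_t)in[2] << 8)  |  (uint32_t)in[3];

    if (outcap == 0 || n > outcap - 1)      /* leave room for the NUL */
        return XDR_ETOOBIG;
    size_t padded = ((size_t)n + 3u) & ~(size_t)3u;
    if (padded > inlen - 4)                 /* declared more than was sent */
        return XDR_ETRUNC;

    memcpy(out, in + 4, n);
    out[n] = '\0';
    *consumed = 4 + padded;
    return XDR_OK;
}

int main(void)
{
    char name[16];
    size_t used = 0;
    printf("ok:    %d\n", xdr_get_string(SAMPLE_OK, sizeof SAMPLE_OK, name, sizeof name, &used));
    printf("big:   %d\n", xdr_get_string(SAMPLE_BIG, sizeof SAMPLE_BIG, name, sizeof name, &used));
    printf("trunc: %d\n", xdr_get_string(SAMPLE_TRUNC, sizeof SAMPLE_TRUNC, name, sizeof name, &used));
    return 0;
}
```

A decoder that rejects the oversized and truncated messages here fails closed: nothing is written to the destination unless the declared length fits both the buffer and the received data.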
The exploit works on CA ARCserve Backup 11.1 SP2 with patch KB933729 (rpcrt4.dll version 5.2.3790.4115) on Windows and 11.5 on Linux.
Windows Server 2003