Title: Computer Associates BrightStor ARCserve/Enterprise Backup
Agents buffer overflow vulnerability
CA Vulnerability ID: 33239
Discovery Date: 2005-04-25
Disclosure Date: 2005-08-02
Discovered By: iDEFENSE
Impact: A remote attacker can execute arbitrary code with SYSTEM
privileges.
Summary: Computer Associates BrightStor ARCserve Backup and
BrightStor Enterprise Backup Agents for Windows contain a
stack-based buffer overflow vulnerability. The vulnerability may
allow remote attackers to execute arbitrary code with SYSTEM
privileges, or cause a denial of service condition. The buffer
overflow is the result of improper bounds checking performed on
data sent to port 6070.
Severity: Computer Associates has given this vulnerability a
High risk rating.
Affected Technologies: This vulnerability exists in the
following BrightStor ARCserve Backup and BrightStor Enterprise
Backup application agents:
BrightStor ARCserve Backup r11.1:
BrightStor ARCserve Backup r11.0:
BrightStor ARCserve Backup v9.01
BrightStor Enterprise Backup 10.5
BrightStor Enterprise Backup 10
Status: Security updates that completely remediate this
vulnerability issue are available for all affected products.
Recommendation (note that URLs may wrap):
Apply the appropriate security update(s).
BrightStor ARCserve Backup r11.1 for Windows:
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO70767&
startsearch=1
BrightStor ARCserve Backup r11.0 for Windows:
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO70769&
startsearch=1
BrightStor ARCserve Backup v9.01 for Windows:
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO70770&
startsearch=1
BrightStor Enterprise Backup v10.5 for Windows:
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO70774&
startsearch=1
BrightStor Enterprise Backup v10.0 for Windows:
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO70773&
startsearch=1
CVE Reference: Pending
OSVDB Reference: Pending
Advisory URLs (note that URLs may wrap):
CA Security Advisor site
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33239
E-News: BrightStor Storage Newsletter v05.11 August 2nd, 2005
http://supportconnectw.ca.com/public/enews/BrightStor/brig080205.asp
Should you require additional information, please contact CA
Technical Support at http://supportconnect.ca.com.
Respectfully,
Ken Williams ; Dir. Vuln Research
Computer Associates ; 0xE2941985
Computer Associates International, Inc. (CA).
One Computer Associates Plaza. Islandia, NY 11749
Contact Us http://ca.com/catalk.htm
Legal Notice http://ca.com/calegal.htm
Privacy Policy http://ca.com
Copyright 2005 Computer Associates International, Inc.
All rights reserved