Date Discovered: August 2, 2005
Date Published: August 2, 2005
Last Updated: August 2, 2005
Threat Assessment
Overall Risk: High
Impact: Critical
Popularity: Medium
Simplicity: Medium
Vulnerability ID: 33239
Discovered By: iDEFENSE
Exploitable Locally: No
Exploitable Remotely: Yes
Impact: Remote attackers can execute arbitrary code or cause a denial of service condition.
Root Cause: Software Vulnerability
The Computer Associates BrightStor ARCserve Backup system contains a buffer overflow vulnerability that may allow remote attackers to execute arbitrary code or cause a denial of service condition. The vulnerability exists in several BrightStor ARCserve Backup Agents, such as the BrightStor ARCserve Backup Agent for Microsoft SQL Server, and is due to improper bounds checking on data sent to port 6070. Remote attackers can exploit this vulnerability either to crash the agent or to overflow the buffer and execute arbitrary code with SYSTEM privileges.
Recommendations
Technical recommendation - 33239
Install patches provided by the vendor:
BrightStor ARCserve Backup r11.1 for Windows:
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO70767&startsearch=1
BrightStor ARCserve Backup r11.0 for Windows:
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO70769&startsearch=1
BrightStor ARCserve Backup v9.01 for Windows:
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO70770&startsearch=1
BrightStor Enterprise Backup v10.5 for Windows:
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO70774&startsearch=1
BrightStor Enterprise Backup v10.0 for Windows:
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO70773&startsearch=1
Affected Technologies
Computer Associates: BrightStor ARCserve Backup (BAB) r11.1 Windows
Computer Associates: BrightStor ARCserve Backup 11 for Windows
Computer Associates: BrightStor ARCserve Backup 9.01 Windows
Computer Associates: BrightStor Enterprise Backup v10.0 for Windows
Computer Associates: BrightStor Enterprise Backup v10.5 for Windows
More information at the CA Virus Information Center:
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33239