Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:15712
HistoryJan 12, 2007 - 12:00 a.m.

[CAID 34955, 34956, 34957, 34958, 34959, 34817]: CA BrightStor ARCserve Backup Multiple Overflow Vulnerabilities

2007-01-1200:00:00
vulners.com
19
JSON

Title: [CAID 34955, 34956, 34957, 34958, 34959, 34817]: BrightStor
ARCserve Backup Multiple Overflow Vulnerabilities

CA Vuln ID (CAID): 34955, 34956, 34957, 34958, 34959, 34817

CA Advisory Date: 2007-01-11

Discovered By: TippingPoint, IBM ISS, iDefense Labs

Impact: Remote attacker can execute arbitrary code.

Summary: CA BrightStor ARCserve Backup contains multiple overflow
conditions that can allow a remote attacker to execute arbitrary
code with local SYSTEM privileges on Windows. The BrightStor
ARCserve Backup Tape Engine service, Mediasvr service, and
ASCORE.dll file are affected.

Mitigating Factors: None.

Severity: CA has given these vulnerability issues a High risk
rating.

Affected Products:
BrightStor Products:
BrightStor ARCserve Backup r11.5
BrightStor ARCserve Backup r11.1
BrightStor ARCserve Backup for Windows r11
BrightStor Enterprise Backup r10.5
BrightStor ARCserve Backup v9.01
CA Protection Suites r2 Products:
CA Server Protection Suite r2
CA Business Protection Suite r2
CA Business Protection Suite for Microsoft Small Business
Server Standard Edition r2
CA Business Protection Suite for Microsoft Small Business
Server Premium Edition r2

Affected platforms:
Microsoft Windows

Status and Recommendation:
Customers with vulnerable versions of BrightStor ARCserve Backup
products should apply the appropriate fixes, which are now
available for download at http://supportconnect.ca.com.
BAB r11.5 - QO84983
BAB r11.1 - QO84984
BAB r11.0 - QI82917
BEB r10.5 - QO84986
BAB v9.01 - QO84985

Determining if you are affected:
Refer to the appropriate APAR for details about updated module
versions.

References (URLs may wrap):
CA SupportConnect:
http://supportconnect.ca.com/
CA SupportConnect Security Notice for this vulnerability:
Important Security Notice for BrightStor ARCserve Backup
http://supportconnectw.ca.com/public/storage/infodocs/babimpsec-notice.asp
CA BrightStor ARCserve Backup Tape Engine Exploit Security Notice
http://supportconnectw.ca.com/public/storage/infodocs/basbrtapeeng-secnotice.asp
Solution Document Reference APARs:
Q084983, Q084984, QI82917, Q084986, Q084985
CA Security Advisor posting:
BrightStor ARCserve Backup Multiple Overflow Vulnerabilities
http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97428
CAID: 34955, 34956, 34957, 34958, 34959, 34817
CAID Advisory links:
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34955
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34956
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34957
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34958
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34959
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34817
Discoverer: TippingPoint, IBM ISS, iDefense Labs
TippingPoint advisories:
http://www.zerodayinitiative.com/advisories/ZDI-07-002.html
http://www.zerodayinitiative.com/advisories/ZDI-07-003.html
http://www.zerodayinitiative.com/advisories/ZDI-07-004.html
IBM ISS advisories:
http://www.iss.net/threats/252.html
http://www.iss.net/threats/253.html
iDefense Labs:
http://labs.idefense.com/
CVE Reference: CVE-2006-5171, CVE-2006-5172, CVE-2007-0168,
CVE-2007-0169, CVE-2006-6076, CVE-2006-6917
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5171
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5172
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0168
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0169
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6076
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6917
OSVDB Reference: OSVDB ID: 31317, 31318, 31319, 31320, 31327,
30637
http://osvdb.org/31317
http://osvdb.org/31318
http://osvdb.org/31319
http://osvdb.org/31320
http://osvdb.org/31327
http://osvdb.org/30637
Other references:
http://www.lssec.com/advisories/LS-20061001.pdf
http://www.lssec.com/advisories/LS-20060908.pdf
http://www.lssec.com/advisories.html

Changelog for this advisory:
v1.0 - Initial Release

Customers who require additional information should contact CA
Technical Support at http://supportconnect.ca.com.

For technical questions or comments related to this advisory,
please send email to [email protected], or contact me directly.

If you discover a vulnerability in CA products, please report
your findings to [email protected], or utilize our "Submit a
Vulnerability" form.
URL: http://www3.ca.com/securityadvisor/vulninfo/submit.aspx

Regards,
Ken Williams ; 0xE2941985
Director, CA Vulnerability Research

CA, One CA Plaza. Islandia, NY 11749

Contact http://www3.ca.com/contact/
Legal Notice http://www3.ca.com/legal/
Privacy Policy http://www3.ca.com/privacy/
Copyright © 2007 CA. All rights reserved.

Related

nessus 3
cve 8
securityvulns 5
prion 4
checkpoint_advisories 8
saint 20
cert 4
packetstorm 2
zdi 3
nessus
nessus
CA BrightStor ARCserve Backup Multiple Vulnerabilities (QO84983)
2007-01-15 00:00:00
CA BrightStor ARCserve Backup Tape Engine Multiple Remote Overflows (QO84983)
2007-01-12 00:00:00
CA BrightStor ARCserve Backup Tape Engine and Portmapper Multiple Vulnerabilities (QO86255)
2007-03-16 00:00:00
cve
cve
CVE-2006-5171
2007-01-16 20:28:00
CVE-2006-5172
2007-01-16 20:28:00
CVE-2007-2139
2007-04-25 20:19:00
securityvulns
securityvulns
Brightstor ArcServe Backup buffer overflow
2007-04-01 00:00:00
ZDI-07-002: CA BrightStor ARCserve Backup Tape Engine Code Execution Vulnerability
2007-01-12 00:00:00
ZDI-07-003: CA BrightStor ARCserve Backup Message Engine Buffer Overflow Vulnerability
2007-01-12 00:00:00
prion
prion
Stack overflow
2007-04-25 20:19:00
Cross site request forgery (csrf)
2007-01-11 22:28:00
Buffer overflow
2007-01-11 22:28:00
checkpoint_advisories
checkpoint_advisories
CA BrightStor ARCserve Backup Tape Engine RPC GetGroupStatus Buffer Overflow (CVE-2006-6917)
2010-08-11 00:00:00
CA BrightStor ARCserve Backup Tape Engine RPC ReserveGroup Buffer Overflow (CVE-2006-6917)
2010-07-29 00:00:00
CA BrightStor ARCserve Backup Tape Engine RPC GetGroupStatus Buffer Overflow attack - Ver2 (CVE-2006-6917)
2014-12-28 00:00:00
saint
saint
BrightStor ARCserve Backup Tape Engine GetGroupStatus buffer overflow
2006-12-22 00:00:00
BrightStor ARCserve Backup Tape Engine GetGroupStatus buffer overflow
2006-12-22 00:00:00
BrightStor ARCserve Backup Tape Engine ReserveGroup buffer overflow
2006-12-26 00:00:00
cert
cert
Computer Associates BrightStor ARCserve Backup Tape Engine fails to properly handle RPC requests
2006-11-22 00:00:00
CA BrightStor ARCserve Backup Tape Engine directly calls user supplied data in RPC requests
2007-01-12 00:00:00
CA BrightStor ARCserve Backup Message Engine RPC buffer overflow
2007-01-12 00:00:00
packetstorm
packetstorm
CA BrightStor ARCserve Tape Engine Buffer Overflow
2009-11-26 00:00:00
CA BrightStor ARCserve Message Engine Buffer Overflow
2009-11-26 00:00:00
zdi
zdi
CA BrightStor ARCserve Backup Tape Engine Code Execution Vulnerability
2007-01-11 00:00:00
CA BrightStor ARCserve Backup Message Engine Buffer Overflow Vulnerability
2007-01-11 00:00:00
CA BrightStor ARCserve Backup Tape Engine Buffer Overflow Vulnerability
2007-01-11 00:00:00
JSON
Related for SECURITYVULNS:DOC:15712
nessus3cve8securityvulns5prion4checkpoint_advisories8saint20cert4packetstorm2zdi3