Intrusion Prevention

CA.BrightStor.ARCServe.Backup.LGServer.Buffer.Overflow

Description

This indicates an attack attempt against a remote stack-based buffer-overflow vulnerability in Computer Associates BrightStor ARCserve Backup.
The vulnerability is caused by the application's failure to properly check the bounds of user-supplied data before copying it to an insufficiently sized buffer. A successful exploit will allow an attacker to execute arbitrary code with system-level privileges.

Affected Products

CA BrightStor ARCserve Backup for Laptops and Desktops r11.1 SP1
CA BrightStor ARCserve Backup for Laptops and Desktops r11.1
CA BrightStor ARCserve Backup for Laptops and Desktops r11.0
CA BrightStor Mobile Backup r4.0
CA Desktop Protection Suite r2
CA Business Protection Suite r2
CA Business Protection Suite for Microsoft Small Business Server Standard Edition r2
CA Business Protection Suite for Microsoft Small Business Server Premium Edition r2
CA Desktop Management Suite r11.0
CA Desktop Management Suite r11.1

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Patch for BrightStor ARCserve Backup for Laptops and Desktops r11.1 SP1:
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO83833
Patch for BrightStor ARCserve Backup for Laptops and Desktops r11.0:
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QI85497
Patch for CA Desktop Management Suite r11.1:
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO85401
Patch for CA Desktop Management Suite r11.0:
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QI85423
Patch for BrightStor Mobile Backup r4.0:
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO85402

CVE References

CVE-2007-0449