Intrusion Prevention

CA.BrightStor.ARCserve.Backup.Remote.Buffer.Overflow

Description

This indicates a possible attack against a remote stack-based buffer overflow vulnerability in Computer Associates BrightStor ARCserve Backup.
The vulnerability exists because the application fails to properly check the bounds of user-supplied data before copying it into an insufficiently sized buffer. A successful exploit allows an attacker to execute arbitrary code with system-level privileges.

Affected Products

Computer Associates BrightStor ARCserve Backup Laptop & Desktop 11.1
Computer Associates BrightStor ARCserve Backup Laptop & Desktop 11.0
Computer Associates BrightStor ARCserve Backup Laptop & Desktop 11.1 SP1

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Patch for BrightStor ARCserve Backup for Laptops and Desktops r11.1 SP1:
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO83833
Patch for BrightStor ARCserve Backup for Laptops and Desktops r11.0:
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QI85497
Patch for CA Desktop Management Suite r11.1:
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO85401
Patch for CA Desktop Management Suite r11.0:
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QI85423
Patch for BrightStor Mobile Backup r4.0:
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO85402

CVE References

CVE-2007-0449