CA BrightStor ARCserve Backup Discovery Service Buffer Overflow Vulnerability

Advisory Content :

Title: CAID 34846: CA BrightStor ARCserve Backup Discovery Service

Buffer Overflow Vulnerability

CA Vulnerability ID (CAID): 34846

CA Advisory Date: 2006-12-07

Discovered By: Assurent Secure Technologies (assurent.com)

Impact: Remote attacker can execute arbitrary code.

Summary: CA BrightStor ARCserve Backup contains a buffer overflow

that allows remote attackers to execute arbitrary code with local

SYSTEM privileges on Windows. This issue affects the BrightStor

Backup Discovery Service in multiple BrightStor ARCserve Backup

application agents and the Base product.

Mitigating Factors: None.

Severity: CA has given this vulnerability a High risk rating.

Affected Products:

BrightStor Products:

- BrightStor ARCserve Backup r11.5 SP1 and below (SP2 does not

have this vulnerability ; please apply r11.5 SP2)

- BrightStor ARCserve Backup r11.1

- BrightStor ARCserve Backup for Windows r11

- BrightStor Enterprise Backup 10.5

- BrightStor ARCserve Backup v9.01

CA Protection Suites r2:

- CA Server Protection Suite r2

- CA Business Protection Suite r2

- CA Business Protection Suite for Microsoft Small Business Server

Standard Edition r2

- CA Business Protection Suite for Microsoft Small Business Server

Premium Edition r2

Affected platforms:

Microsoft Windows

Status and Recommendation:

Customers with vulnerable versions of BrightStor ARCserve Backup

products should upgrade to the latest versions which are available

for download from http://supportconnect.ca.com.

Solution Document Reference APARs:

QO84609, QI82917, QO84611, QO84610

Determining if you are affected:

For a list of updated files, and instructions on how to verify

that the security update was fully applied, please review the

Informational Solution referenced in the appropriate Solution

Document.

References (URLs may wrap):

CA SupportConnect:

http://supportconnect.ca.com/

CA SupportConnect Security Notice for this vulnerability:

Important Security Notice for BrightStor ARCserve Backup

http://supportconnectw.ca.com/public/storage/infodocs/babsecurity-notice
.asp

Solution Document Reference APARs:

QO84609, QI82917, QO84611, QO84610

CA Security Advisor Research Blog postings:

http://www3.ca.com/blogs/posting.aspx?id=90744&pid=96149&date=2006/12

CAID: 34846

CAID Advisory links:

http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34846

Discoverer: Assurent Secure Technologies

http://www.assurent.com/

CVE Reference: CVE-2006-6379

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6379

OSVDB Reference: OSVDB IDs: 30775

http://osvdb.org/30775

Changelog for this advisory:

v1.0 - Initial Release

Customers who require additional information should contact CA

Technical Support at http://supportconnect.ca.com.

For technical questions or comments related to this advisory,

please send email to vuln (at) ca (dot) com [email concealed], or contact
me directly.

If you discover a vulnerability in CA products, please report

your findings to vuln (at) ca (dot) com [email concealed], or utilize our
"Submit a

Vulnerability" form.

URL: http://www3.ca.com/securityadvisor/vulninfo/submit.aspx

Regards,

Ken Williams ; 0xE2941985

Director, CA Vulnerability Research

CA, One CA Plaza. Islandia, NY 11749

Contact http://www3.ca.com/contact/

Legal Notice http://www3.ca.com/legal/

Privacy Policy http://www3.ca.com/privacy/

Copyright Â© 2006 CA. All rights reserved.

Security

IT News

Search

SecurityAlert Database

About SecurityAlert

ExploitAlert Database

SecurityReason Research

WLB Database

Send to WLB

About WLB

Security Audit

Schedule

Prices of services

Contact

SecurityReason IT News

SecurityAlert

World Laboratory of Bugtraq

ExploitAlert

Apache

PHP

Contact

About SecurityReason

CA BrightStor ARCserve Backup Discovery Service Buffer Overflow Vulnerability