BrightStor ARCserve/Enterprise Backup UDP Probe Remote Buffer Overflow Vulnerability
BID:12491
Info
BrightStor ARCserve/Enterprise Backup UDP Probe Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 12491 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 08 2005 12:00AM |
| Updated: | Feb 08 2005 12:00AM |
| Credit: | This vulnerability was discovered by two individuals, one of whom is Patrik Karlsson. The other wishes to remain anonymous. |
| Vulnerable: |
Computer Associates BrightStor Enterprise Backup for Windows 64 bit 10.5 Computer Associates BrightStor Enterprise Backup 10.5 Computer Associates BrightStor Enterprise Backup 10.0 Computer Associates BrightStor ARCServe Backup for Windows 64 bit 11.1 Computer Associates BrightStor ARCServe Backup for Windows 64 bit 11.0 Computer Associates BrightStor ARCServe Backup for Windows 64 bit 9.0.1 Computer Associates BrightStor ARCServe Backup for Windows 11.1 Computer Associates BrightStor ARCServe Backup for Windows 11.0 Computer Associates BrightStor ARCServe Backup for Windows 9.0 .0.1 Computer Associates BrightStor ARCServe Backup for NetWare 11.1 Computer Associates BrightStor ARCServe Backup for NetWare 9.0 Computer Associates BrightStor ARCserve 2000 Backup Windows Japanese |
| Not Vulnerable: | |
Discussion
BrightStor ARCserve/Enterprise Backup UDP Probe Remote Buffer Overflow Vulnerability
Various Computer Associates BrightStor ARCserve/Enterprise Backup products are prone to a remote buffer overflow vulnerability. This issue presents itself because the affected applications do not perform boundary checks prior to copying user-supplied data into sensitive process buffers.
A remote attacker may execute arbitrary code on a vulnerable computer to gain unauthorized access to it.
Various Computer Associates BrightStor ARCserve/Enterprise Backup products are prone to a remote buffer overflow vulnerability. This issue presents itself because the affected applications do not perform boundary checks prior to copying user-supplied data into sensitive process buffers.
A remote attacker may execute arbitrary code on a vulnerable computer to gain unauthorized access to it.
Exploit / POC
BrightStor ARCserve/Enterprise Backup UDP Probe Remote Buffer Overflow Vulnerability
The following exploit has been made available by <[email protected]>.
An exploit for the MetaSploit Framework is available.
The following exploit has been made available by <[email protected]>.
An exploit for the MetaSploit Framework is available.
Solution / Fix
BrightStor ARCserve/Enterprise Backup UDP Probe Remote Buffer Overflow Vulnerability
Solution:
The vendor has released updates to address this issue.
Computer Associates has made the patch 'QO64496' available for their Microsoft Windows packages. This patch supercedes the patch 'QO62769', which was previously released for this issue and also resolves the issue outlined in BID 12536 (BrightStor ARCserve/Enterprise Discovery Service SERVICEPC Remote Buffer Overflow Vulnerability). Users are advised to apply the new patch as soon as possible; the old patch has been withdrawn.
Fixes QO64496, QO62989, QO62990, and QO62987 superseded by QO64538, QO64712, QO64711, and QO64713.
Fixes QO62767, QO62768, QO62770, QO62771, QO62772, QO62936, and QO62991 superseded by QO64542, QO64539, QO64540, QO64544, QO64541, QO64543, and QO64711.
Users are advised to apply the latest versions of all fixes.
Computer Associates BrightStor ARCserve 2000 Backup Windows Japanese
Computer Associates BrightStor Enterprise Backup 10.0
Computer Associates BrightStor Enterprise Backup 10.5
Computer Associates BrightStor ARCServe Backup for Windows 64 bit 11.0
Computer Associates BrightStor ARCServe Backup for Windows 11.0
Computer Associates BrightStor ARCServe Backup for NetWare 11.1
Computer Associates BrightStor ARCServe Backup for Windows 64 bit 11.1
Computer Associates BrightStor ARCServe Backup for Windows 11.1
Computer Associates BrightStor ARCServe Backup for NetWare 9.0
Computer Associates BrightStor ARCServe Backup for Windows 9.0 .0.1
Solution:
The vendor has released updates to address this issue.
Computer Associates has made the patch 'QO64496' available for their Microsoft Windows packages. This patch supercedes the patch 'QO62769', which was previously released for this issue and also resolves the issue outlined in BID 12536 (BrightStor ARCserve/Enterprise Discovery Service SERVICEPC Remote Buffer Overflow Vulnerability). Users are advised to apply the new patch as soon as possible; the old patch has been withdrawn.
Fixes QO64496, QO62989, QO62990, and QO62987 superseded by QO64538, QO64712, QO64711, and QO64713.
Fixes QO62767, QO62768, QO62770, QO62771, QO62772, QO62936, and QO62991 superseded by QO64542, QO64539, QO64540, QO64544, QO64541, QO64543, and QO64711.
Users are advised to apply the latest versions of all fixes.
Computer Associates BrightStor ARCserve 2000 Backup Windows Japanese
-
Computer Associates QO62766
http://supportconnect.ca.com/sc/solcenter/sol_detail.jsp?aparno=QO6276 6&os=NT&returninput=0
Computer Associates BrightStor Enterprise Backup 10.0
-
Computer Associates QO64544
http://supportconnect.ca.com/sc/solcenter/sol_detail.jsp?aparno=QO6454 4&os=NT&returninput=0
Computer Associates BrightStor Enterprise Backup 10.5
-
Computer Associates QO64540
http://supportconnect.ca.com/sc/solcenter/sol_detail.jsp?aparno=QO6454 0&os=NT&returninput=0
Computer Associates BrightStor ARCServe Backup for Windows 64 bit 11.0
-
Computer Associates QO64712
http://supportconnect.ca.com/sc/solcenter/sol_detail.jsp?aparno=QO6471 2&os=NT&returninput=0
Computer Associates BrightStor ARCServe Backup for Windows 11.0
-
Computer Associates QO64539
http://supportconnect.ca.com/sc/solcenter/sol_detail.jsp?aparno=QO6453 9&os=NT&returninput=0
Computer Associates BrightStor ARCServe Backup for NetWare 11.1
-
Computer Associates QO64543
http://supportconnect.ca.com/sc/solcenter/sol_detail.jsp?aparno=QO6454 3&os=NETWARE&returninput=0
Computer Associates BrightStor ARCServe Backup for Windows 64 bit 11.1
-
Computer Associates QO64538
http://supportconnect.ca.com/sc/solcenter/sol_detail.jsp?aparno=QO6453 8&os=NT&returninput=0 -
Computer Associates QO64711
http://supportconnect.ca.com/sc/solcenter/sol_detail.jsp?aparno=QO6471 1&os=NT&returninput=0
Computer Associates BrightStor ARCServe Backup for Windows 11.1
-
Computer Associates QO64538
http://supportconnect.ca.com/sc/solcenter/sol_detail.jsp?aparno=QO6453 8&os=NT&returninput=0
Computer Associates BrightStor ARCServe Backup for NetWare 9.0
-
Computer Associates QO64541
http://supportconnect.ca.com/sc/solcenter/sol_detail.jsp?aparno=QO6454 1&os=NETWARE&returninput=0
Computer Associates BrightStor ARCServe Backup for Windows 9.0 .0.1
-
Computer Associates QO64542
http://supportconnect.ca.com/sc/solcenter/sol_detail.jsp?aparno=QO6454 2&os=NT&returninput=0 -
Computer Associates QO64713
http://supportconnect.ca.com/sc/solcenter/sol_detail.jsp?aparno=QO6471 3&os=NT&returninput=0
References
BrightStor ARCserve/Enterprise Backup UDP Probe Remote Buffer Overflow Vulnerability
References:
References:
- BrightStor ARCserve 2000 Product Page (Computer Associates)
- BrightStor ARCserve Backup for Windows Product Page (Computer Associates)
- BrightStor ARCserve Backup Product Page (Computer Associates)
- BrightStor Enterprise Backup v 10.5 Product Page (Computer Associates)
- iDEFENSE Security Advisory 02.09.05: CA BrightStor ARCserve Backup v11 Discovery (iDEFENSE)