BrightStor ARCserve/Enterprise Backup Default Backdoor Account Vulnerability
BID:12522
Info
BrightStor ARCserve/Enterprise Backup Default Backdoor Account Vulnerability
| Bugtraq ID: | 12522 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 10 2005 12:00AM |
| Updated: | Feb 10 2005 12:00AM |
| Credit: | An anonymous researcher discovered this vulnerability. |
| Vulnerable: |
Computer Associates BrightStor Enterprise Backup for Tru64 10.5 Computer Associates BrightStor Enterprise Backup for Solaris 10.5 Computer Associates BrightStor Enterprise Backup for Solaris 10.0 Computer Associates BrightStor Enterprise Backup for Mainframe Linux 10.0 Computer Associates BrightStor Enterprise Backup for HPUX 10.0 Computer Associates BrightStor Enterprise Backup for HP 10.5 Computer Associates BrightStor Enterprise Backup for AIX 10.5 Computer Associates BrightStor Enterprise Backup for AIX 10.0 Computer Associates BrightStor ARCServe Backup for Tru64 11.1 Computer Associates BrightStor ARCServe Backup for Solaris 11.1 Computer Associates BrightStor ARCServe Backup for Mainframe Linux 11.1 Computer Associates BrightStor ARCServe Backup for Macintosh 11.1 Computer Associates BrightStor ARCServe Backup for Linux Japanese 9.0 Computer Associates BrightStor ARCServe Backup for Linux 11.1 Computer Associates BrightStor ARCServe Backup for Linux 9.0 Computer Associates BrightStor ARCServe Backup for Linux 7.0 Computer Associates BrightStor ARCServe Backup for HP 11.1 Computer Associates BrightStor ARCServe Backup for AIX 11.1 |
| Not Vulnerable: | |
Discussion
BrightStor ARCserve/Enterprise Backup Default Backdoor Account Vulnerability
BrightStor ARCserve/Enterprise Backup products contain a backdoor account.
It is reported that hard coded credentials are present in the 'UniversalAgent' service of BrightStor ARCserve/Enterprise Backup products for UNIX platforms.
An attacker may carry out various attacks such as arbitrary command and code execution by using the hard coded credentials. This may lead to a complete compromise of an affected computer.
BrightStor ARCserve/Enterprise Backup products contain a backdoor account.
It is reported that hard coded credentials are present in the 'UniversalAgent' service of BrightStor ARCserve/Enterprise Backup products for UNIX platforms.
An attacker may carry out various attacks such as arbitrary command and code execution by using the hard coded credentials. This may lead to a complete compromise of an affected computer.
Exploit / POC
BrightStor ARCserve/Enterprise Backup Default Backdoor Account Vulnerability
An exploit is not required to leverage this issue.
An exploit is not required to leverage this issue.
Solution / Fix
BrightStor ARCserve/Enterprise Backup Default Backdoor Account Vulnerability
Solution:
The vendor has released patches to address this issue in affected applications.
Computer Associates BrightStor Enterprise Backup for Mainframe Linux 10.0
Computer Associates BrightStor Enterprise Backup for AIX 10.0
Computer Associates BrightStor Enterprise Backup for Solaris 10.0
Computer Associates BrightStor Enterprise Backup for HPUX 10.0
Computer Associates BrightStor Enterprise Backup for HP 10.5
Computer Associates BrightStor Enterprise Backup for AIX 10.5
Computer Associates BrightStor Enterprise Backup for Tru64 10.5
Computer Associates BrightStor Enterprise Backup for Solaris 10.5
Computer Associates BrightStor ARCServe Backup for Linux 11.1
Computer Associates BrightStor ARCServe Backup for AIX 11.1
Computer Associates BrightStor ARCServe Backup for HP 11.1
Computer Associates BrightStor ARCServe Backup for Tru64 11.1
Computer Associates BrightStor ARCServe Backup for Solaris 11.1
Computer Associates BrightStor ARCServe Backup for Macintosh 11.1
Computer Associates BrightStor ARCServe Backup for Mainframe Linux 11.1
Computer Associates BrightStor ARCServe Backup for Linux 7.0
Computer Associates BrightStor ARCServe Backup for Linux 9.0
Computer Associates BrightStor ARCServe Backup for Linux Japanese 9.0
Solution:
The vendor has released patches to address this issue in affected applications.
Computer Associates BrightStor Enterprise Backup for Mainframe Linux 10.0
-
Computer Associates QO63689
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO6368 9
Computer Associates BrightStor Enterprise Backup for AIX 10.0
-
Computer Associates QO63675
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO6367 5
Computer Associates BrightStor Enterprise Backup for Solaris 10.0
-
Computer Associates QO63677
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO6367 7
Computer Associates BrightStor Enterprise Backup for HPUX 10.0
-
Computer Associates QO63676
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO6367 6
Computer Associates BrightStor Enterprise Backup for HP 10.5
-
Computer Associates QO63679
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO6367 9
Computer Associates BrightStor Enterprise Backup for AIX 10.5
-
Computer Associates QO63680
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO6368 0
Computer Associates BrightStor Enterprise Backup for Tru64 10.5
-
Computer Associates QO63678
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO6367 8
Computer Associates BrightStor Enterprise Backup for Solaris 10.5
-
Computer Associates QO63681
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO6368 1
Computer Associates BrightStor ARCServe Backup for Linux 11.1
-
Computer Associates QO63685
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO6368 5
Computer Associates BrightStor ARCServe Backup for AIX 11.1
-
Computer Associates QO63687
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO6368 7
Computer Associates BrightStor ARCServe Backup for HP 11.1
-
Computer Associates QO63691
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO6369 1
Computer Associates BrightStor ARCServe Backup for Tru64 11.1
-
Computer Associates QO63684
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO6368 4
Computer Associates BrightStor ARCServe Backup for Solaris 11.1
-
Computer Associates QO63688
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO6368 8
Computer Associates BrightStor ARCServe Backup for Macintosh 11.1
-
Computer Associates QO63682
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO6368 2
Computer Associates BrightStor ARCServe Backup for Mainframe Linux 11.1
-
Computer Associates QO63683
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO6368 3
Computer Associates BrightStor ARCServe Backup for Linux 7.0
-
Computer Associates QO63672
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO6367 2
Computer Associates BrightStor ARCServe Backup for Linux 9.0
-
Computer Associates QO63674
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO6367 4
Computer Associates BrightStor ARCServe Backup for Linux Japanese 9.0
-
Computer Associates QO63673
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO6367 3
References
BrightStor ARCserve/Enterprise Backup Default Backdoor Account Vulnerability
References:
References:
- BrightStor ARCserve Backup Product Page (Computer Associates)
- iDEFENSE Security Advisory 02.10.05: BrightStor ARCserve Backup Backdoor Vuln (iDEFENSE)