Computer Associates BrightStor ARCServe BackUp Tape Engine Remote Code Execution Vulnerability
BID:22010
Info
Computer Associates BrightStor ARCServe BackUp Tape Engine Remote Code Execution Vulnerability
| Bugtraq ID: | 22010 |
| Class: | Design Error |
| CVE: |
CVE-2007-0168 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 11 2007 12:00AM |
| Updated: | Apr 21 2008 06:47PM |
| Credit: | LSsecurity <LSsec.com> is credited with the discovery of this issue. |
| Vulnerable: |
Computer Associates BrightStor Enterprise Backup 10.5 Computer Associates BrightStor ARCServe Backup 11.1 Computer Associates BrightStor ARCServe Backup 9.01 Computer Associates BrightStor ARCServe Backup 11.5 Computer Associates BrightStor ARCServe Backup 11 |
| Not Vulnerable: | |
Discussion
Computer Associates BrightStor ARCServe BackUp Tape Engine Remote Code Execution Vulnerability
Computer Associates BrightStor ARCserve Backup is prone to a remote code-execution vulnerability due to a design error in the Tape Engine service.
A successful exploit will allow an attacker to execute arbitrary code with SYSTEM-level privileges.
Note that only applications on the Windows operating system are affected.
Computer Associates BrightStor ARCserve Backup is prone to a remote code-execution vulnerability due to a design error in the Tape Engine service.
A successful exploit will allow an attacker to execute arbitrary code with SYSTEM-level privileges.
Note that only applications on the Windows operating system are affected.
Exploit / POC
Computer Associates BrightStor ARCServe BackUp Tape Engine Remote Code Execution Vulnerability
Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.
Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.
Solution / Fix
Computer Associates BrightStor ARCServe BackUp Tape Engine Remote Code Execution Vulnerability
Solution:
The vendor has released fixes to address this issue. Please see the references for more information.
Computer Associates BrightStor ARCServe Backup 9.01
Computer Associates BrightStor Enterprise Backup 10.5
Solution:
The vendor has released fixes to address this issue. Please see the references for more information.
Computer Associates BrightStor ARCServe Backup 9.01
-
Computer Associates QO84985
https://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO8 4985
Computer Associates BrightStor Enterprise Backup 10.5
-
Computer Associates QO84986
https://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO8 4986
References
Computer Associates BrightStor ARCServe BackUp Tape Engine Remote Code Execution Vulnerability
References:
References:
- BrightStor ARCserve Backup for Windows Product Page (Computer Associates)
- LS-20061002 - Computer Associates BrightStor ARCserve Backup ( LSsec)
- [CAID 34955, 34956, 34957, 34958, 34959, 34817]: CA BrightStor ARCserve Backup M (Computer Associates)
- CA BrightStor ARCserve Backup Tape Engine Code Execution Vulnerability (ZDI Disclosures)
- 34957 - CA BrightStor ARCserve Backup Tape Engine remote code execution vulnerab (Computer Associates)
- Computer Associates BrightStor ARCserve Backup Remote Code Execution Vulnerabili (LSsec)
- Important Security Notice for BrightStor ARCserve Backup (Computer Associates)
- ZDI-07-002: CA BrightStor ARCserve Backup Tape Engine Code Execution Vulnerabili (Zero Day Initiative (ZDI))