Computer Associates BrightStor ARCserve Backup MediaSVR.EXE Remote Buffer Overflow Vulnerability
BID:22015
Info
Computer Associates BrightStor ARCserve Backup MediaSVR.EXE Remote Buffer Overflow Vulnerability
| Bugtraq ID: | 22015 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2006-5171 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 11 2007 12:00AM |
| Updated: | Mar 30 2007 03:13PM |
| Credit: | Paul Mehta is credited with the discovery of this issue. |
| Vulnerable: |
Computer Associates Server Protection Suite r2 Computer Associates Business Protection Suite for Microsoft SBS Std Ed r2 Computer Associates Business Protection Suite for Microsoft SBS Pre ed r2 Computer Associates Business Protection Suite r2 Computer Associates BrightStor Enterprise Backup 10.5 Computer Associates BrightStor ARCServe Backup for Windows 11.0 Computer Associates BrightStor ARCServe Backup 11.1 Computer Associates BrightStor ARCServe Backup 9.01 Computer Associates BrightStor ARCServe Backup 11.5 |
| Not Vulnerable: | |
Discussion
Computer Associates BrightStor ARCserve Backup MediaSVR.EXE Remote Buffer Overflow Vulnerability
Computer Associates BrightStor ARCserve Backup is affected by a remote stack-based buffer-overflow vulnerability because the application fails to perform proper bounds-checking on data supplied to the application.
A remote attacker may exploit this issue to execute arbitrary code on a vulnerable computer with SYSTEM privileges. Failed exploit attempts may cause denial-of-service conditions.
NOTE: User interaction is not required to exploit this vulnerability.
Computer Associates BrightStor ARCserve Backup is affected by a remote stack-based buffer-overflow vulnerability because the application fails to perform proper bounds-checking on data supplied to the application.
A remote attacker may exploit this issue to execute arbitrary code on a vulnerable computer with SYSTEM privileges. Failed exploit attempts may cause denial-of-service conditions.
NOTE: User interaction is not required to exploit this vulnerability.
Exploit / POC
Computer Associates BrightStor ARCserve Backup MediaSVR.EXE Remote Buffer Overflow Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]:
Solution / Fix
Computer Associates BrightStor ARCserve Backup MediaSVR.EXE Remote Buffer Overflow Vulnerability
Solution:
The vendor released an advisory and fixes to address this issue. Please see the references for more information.
Computer Associates BrightStor ARCServe Backup 9.01
Computer Associates BrightStor Enterprise Backup 10.5
Computer Associates BrightStor ARCServe Backup for Windows 11.0
Solution:
The vendor released an advisory and fixes to address this issue. Please see the references for more information.
Computer Associates BrightStor ARCServe Backup 9.01
-
Computer Associates QO84985
https://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO8 4985
Computer Associates BrightStor Enterprise Backup 10.5
-
Computer Associates QO84986
https://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO8 4986
Computer Associates BrightStor ARCServe Backup for Windows 11.0
-
Computer Associates QI82917
https://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QI8 2917
References
Computer Associates BrightStor ARCserve Backup MediaSVR.EXE Remote Buffer Overflow Vulnerability
References:
References:
- 34955 - CA BrightStor ARCserve Backup Mediasvr stack based buffer overflow vulne (Computer Associates)
- BrightStor ARCserve Backup Product Page (Computer Associates)
- Important Security Notice for BrightStor ARCserve Backup (Computer Associates)
- XFID 29343 - Computer Associates Brightstor ARCserve Mediasvr.exe Overflow (IBM Internet Security Systems X-Force)
- [CAID 34955, 34956, 34957, 34958, 34959, 34817]: CA BrightStor ARCserve Backup M (Computer Associates)