Computer Associates BrightStor ARCServe BackUp Multiple Remote Buffer Overflow Vulnerabilities
BID:22199
Info
Computer Associates BrightStor ARCServe BackUp Multiple Remote Buffer Overflow Vulnerabilities
| Bugtraq ID: | 22199 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-0449 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 23 2007 12:00AM |
| Updated: | Jan 25 2007 04:31PM |
| Credit: | Discovered by unknown researchers from NGSS. |
| Vulnerable: |
Computer Associates Desktop Protection Suite 2.0 Computer Associates Desktop Management Suite 11.1 Computer Associates Desktop Management Suite 11.1 Computer Associates Business Protection Suite for Microsoft SBS Std Ed r2 Computer Associates Business Protection Suite for Microsoft SBS Pre ed r2 Computer Associates Business Protection Suite 2.0 Computer Associates BrightStor Mobile Backup 4.0 Computer Associates ARCserve Backup for Laptops and Desktops 11.1 SP1 Computer Associates ARCserve Backup for Laptops and Desktops 11.1 Computer Associates ARCserve Backup for Laptops and Desktops 11.0 |
| Not Vulnerable: |
Computer Associates ARCserve Backup for Laptops and Desktops 11.1 SP2 |
Discussion
Computer Associates BrightStor ARCServe BackUp Multiple Remote Buffer Overflow Vulnerabilities
Computer Associates BrightStor ARCServe BackUp is prone to multiple unspecified buffer-overflow vulnerabilities.
The vendor has reported that these vulnerabilities allow remote attackers to execute arbitrary code with SYSTEM privileges facilitating a full compromise. Unsuccessful attacks may cause denial-of-service conditions as well.
These issues affect BrightStor ARCserve Backup for laptops and desktops running Microsoft Windows.
Computer Associates BrightStor ARCServe BackUp is prone to multiple unspecified buffer-overflow vulnerabilities.
The vendor has reported that these vulnerabilities allow remote attackers to execute arbitrary code with SYSTEM privileges facilitating a full compromise. Unsuccessful attacks may cause denial-of-service conditions as well.
These issues affect BrightStor ARCserve Backup for laptops and desktops running Microsoft Windows.
Exploit / POC
Computer Associates BrightStor ARCServe BackUp Multiple Remote Buffer Overflow Vulnerabilities
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
Computer Associates BrightStor ARCServe BackUp Multiple Remote Buffer Overflow Vulnerabilities
Solution:
The vendor has released updates to address these issues.
Computer Associates Desktop Management Suite 11.1
Computer Associates ARCserve Backup for Laptops and Desktops 11.0
Computer Associates Desktop Management Suite 11.1
Computer Associates BrightStor Mobile Backup 4.0
Solution:
The vendor has released updates to address these issues.
Computer Associates Desktop Management Suite 11.1
-
Computer Associates DMS r11.0 - QI85423
Clients using the r11.0 BrightStor ARCserve Backupfor Laptops&Desktops within the Unicenter Desktop and Server Management Suite r11.0, should upgrade to the r11.1 version to get the latest available updates, and then apply fix QO85401. This is a free upgrade, and afterwards users should install all
http://supportconnect.ca.com/sc/solcenter/sol_detail.jsp?aparno=QI8542 3&os=WINDOWS&returninput=0&prev=true
Computer Associates ARCserve Backup for Laptops and Desktops 11.0
-
Computer Associates BABLD r11.0 - QI85497
Clients using the r11.0 BrightStor ARCserve Backupfor Laptops&Desktops should upgrade to the r11.1 version to get the latest available updates. This is a free upgrade, and can be done by downloading the patch QO61131. Afterwards users should install all updates at the BABLD 11.1 downloads page at:
http://supportconnect.ca.com/sc/solcenter/sol_detail.jsp?aparno=QI8549 7&os=WINDOWS&returninput=0&prev=true
Computer Associates Desktop Management Suite 11.1
-
Computer Associates DMS r11.1 - QO85401
PRODUCT: DMS BAB for Laptops&Desktops Server RELEASE: 11.1 APAR #: QO85401 DATE: 23 JAN 2007 PROBLEM DESCRIPTION: WIN-SECURITY UPDATE A security vulnerability has been reported to CA by NGSS concerning BABLD DMS 11.1, when ports 1900 or
http://supportconnect.ca.com/sc/solcenter/sol_detail.jsp?aparno=QO8540 1&os=WINDOWS&returninput=0&prev=true
Computer Associates BrightStor Mobile Backup 4.0
-
Computer Associates BMB r4.0 - QO85402
PRODUCT: CA-BMB Server RELEASE: 4.0 APAR #: QO85402 DATE: 23 JAN 2007 PROBLEM DESCRIPTION: NT -SECURITY UPDATE A security vulnerability has been reported to CA by NGSS concerning BMB v4.0. When ports 1900 or 2200
http://supportconnect.ca.com/sc/solcenter/sol_detail.jsp?aparno=QO8540 2&os=NT&returninput=0&prev=true