Computer Associates BrightStor ARCserve Backup LGServer.EXE Denial of Service Variant Vulnerability
BID:22337
Info
Computer Associates BrightStor ARCserve Backup LGServer.EXE Denial of Service Variant Vulnerability
| Bugtraq ID: | 22337 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2007-0673 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 31 2007 12:00AM |
| Updated: | May 12 2015 07:34PM |
| Credit: | Mark Litchfield is credited with the discovery of this vulnerability. |
| Vulnerable: |
Computer Associates Desktop Protection Suite 2.0 Computer Associates Desktop Management Suite 11.1 Computer Associates Business Protection Suite for Microsoft SBS Std Ed r2 Computer Associates Business Protection Suite for Microsoft SBS Pre ed r2 Computer Associates Business Protection Suite 2.0 Computer Associates ARCserve Backup for Laptops and Desktops 11.1 SP1 Computer Associates ARCserve Backup for Laptops and Desktops 11.1 Computer Associates ARCserve Backup for Laptops and Desktops 11.0 |
| Not Vulnerable: | |
Discussion
Computer Associates BrightStor ARCserve Backup LGServer.EXE Denial of Service Variant Vulnerability
Computer Associates BrightStor ARCserve Backup is prone to a remote denial-of-service vulnerability because the application fails to handle specially crafted TCP packets.
An attacker can exploit this issue to crash the affected processes, denying service to legitimate users.
Computer Associates BrightStor ARCserve Backup is prone to a remote denial-of-service vulnerability because the application fails to handle specially crafted TCP packets.
An attacker can exploit this issue to crash the affected processes, denying service to legitimate users.
Exploit / POC
Computer Associates BrightStor ARCserve Backup LGServer.EXE Denial of Service Variant Vulnerability
An attacker can exploit this issue by using standard network utilities.
An attacker can exploit this issue by using standard network utilities.
Solution / Fix
Computer Associates BrightStor ARCserve Backup LGServer.EXE Denial of Service Variant Vulnerability
Solution:
The vendor released updates to address this issue. Please see the references for more information.
Computer Associates ARCserve Backup for Laptops and Desktops 11.1
Computer Associates ARCserve Backup for Laptops and Desktops 11.0
Solution:
The vendor released updates to address this issue. Please see the references for more information.
Computer Associates ARCserve Backup for Laptops and Desktops 11.1
-
Computer Associates QI85497
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO83 833
Computer Associates ARCserve Backup for Laptops and Desktops 11.0
-
Computer Associates QO83833
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO83 833 -
Computer Associates QO85402
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO85 402
References
Computer Associates BrightStor ARCserve Backup LGServer.EXE Denial of Service Variant Vulnerability
References:
References:
- BrightStor ARCserve Backup Product Page (Computer Associates)
- Remote DOS BrightStor ARCserve Backup for Laptops & Desktops (NGS Software Insight Security Research)
- Important Security Notice for BrightStor ARCserve Backup for Laptops & Desktops (Computer Associates)