Computer Associates BrightStor ARCServe BackUp Tape Engine Multiple Vulnerabilities

Bugtraq ID:	22994
Class:	Boundary Condition Error
CVE:	CVE-2007-1447 CVE-2007-1448
Remote:	Yes
Local:	No
Published:	Mar 15 2007 12:00AM
Updated:	Mar 16 2007 03:34PM
Credit:	These issues were reported by the vendor.
Vulnerable:	Computer Associates Server Protection Suite r2 Computer Associates Protection Suites r2 0 Computer Associates Business Protection Suite for Microsoft SBS Std Ed r2 Computer Associates Business Protection Suite for Microsoft SBS Pre ed r2 Computer Associates Business Protection Suite r2 Computer Associates BrightStor Enterprise Backup 10.5 Computer Associates BrightStor ARCserve Backup for Windows (All) 11.5 Computer Associates BrightStor ARCServe Backup 11.1 Computer Associates BrightStor ARCServe Backup 9.01 Computer Associates BrightStor ARCServe Backup 11.5
Not Vulnerable:

Computer Associates BrightStor ARCServe BackUp Tape Engine Multiple Vulnerabilities

Computer Associates BrightStor ARCServe BackUp Tape Engine service is prone to multiple vulnerabilities.

Exploiting these issues can result in denial-of-service conditions or remote code execution.

Computer Associates BrightStor ARCServe BackUp Tape Engine Multiple Vulnerabilities

Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].

Computer Associates BrightStor ARCServe BackUp Tape Engine Multiple Vulnerabilities

Solution:
The vendor has released fixes to address these issues. Please see the references for more information.

Computer Associates BrightStor ARCServe BackUp Tape Engine Multiple Vulnerabilities

References:

• BrightStor ARCserve Backup Product Page (Computer Associates)
  
• CA BrightStor ARCserve Backup Tape Engine and Portmapper Vulnerabilities (Computer Associates)