Computer Associates BrightStor ARCserve Backup mediasvr caloggerd Denial Of Service Vulnerabilities

Bugtraq ID:	24017
Class:	Input Validation Error
CVE:	CVE-2007-5332
Remote:	Yes
Local:	No
Published:	May 16 2007 12:00AM
Updated:	Dec 18 2007 08:06PM
Credit:	M. Shirk is credited with the discovery of this issue.
Vulnerable:	Computer Associates Server Protection Suite r2 Computer Associates Business Protection Suite for Microsoft SBS Std Ed r2 Computer Associates Business Protection Suite for Microsoft SBS Pre ed r2 Computer Associates Business Protection Suite r2 Computer Associates BrightStor Enterprise Backup 10.5 Computer Associates BrightStor ARCServe Backup for Windows 11.0 Computer Associates BrightStor ARCServe Backup 11.5.2 SP2 Computer Associates BrightStor ARCServe Backup 11.1 Computer Associates BrightStor ARCServe Backup 9.01 Computer Associates BrightStor ARCServe Backup 11.5
Not Vulnerable:

Computer Associates BrightStor ARCserve Backup mediasvr caloggerd Denial Of Service Vulnerabilities

Computer Associates BrightStor ARCserve Backup is prone to multiple denial-of-service vulnerabilities due to memory-corruption issues caused by errors in processing arguments passed to RPC procedures.

A remote attacker may exploit these issues to crash the affected services, resulting in denial-of-service conditions.

The following applications are affected:

BrightStor ARCserve Backup v9.01, r11.1, r11.5, r11 for Windows
BrightStor Enterprise Backup r10.5
CA Server Protection Suite r2,
CA Business Protection Suite r2
CA Business Protection Suite for Microsoft Small Business Server Standard Edition r2
CA Business Protection Suite for Microsoft Small Business Server Premium Edition r2

Computer Associates BrightStor ARCserve Backup mediasvr caloggerd Denial Of Service Vulnerabilities

To exploit this issue, attackers can use readily available tools for creating network packets.

The following exploit is available:

• /data/vulnerabilities/exploits/24017.py

Computer Associates BrightStor ARCserve Backup mediasvr caloggerd Denial Of Service Vulnerabilities

Solution:
The vendor released an advisory and updates to address these issues. Please see the references for more information.


Computer Associates BrightStor ARCServe Backup 9.01

• Computer Associates QO91098 Computer Associates
  http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO91 098

Computer Associates BrightStor ARCServe Backup 11.5

• Computer Associates QO91094 Computer Associates
  http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO91 094

Computer Associates BrightStor ARCServe Backup 11.1

• Computer Associates QO91097 Computer Associates
  http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO91 097

Computer Associates BrightStor ARCserve Backup mediasvr caloggerd Denial Of Service Vulnerabilities

References:

• BrightStor ARCserve Backup Product Page (Computer Associates)
  
• BrightStor ARCserve Backup Security Notice (Computer Associates)
  
• [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabiliti ("Williams, James K" )
  
• CA BrightStor ARCserve Backup Mediasvr.exe and caloggerd.exe Vulnerabilities (Computer Associates)
  
• Updated - [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vul ("Williams, James K" )