Computer Associates BrightStor ARCserve/Enterprise Backup Agents Buffer Overflow
Wednesday, 21 September 2005
Summary
"BrightStor ARCserve Backup for Windows delivers leading backup and restore protection for all Windows server systems as well as Windows, Linux, Mac OS X and UNIX client environments."
Improper bounds checking allows attackers to cause a buffer overflow in Computer Associates BrightStor ARCserve/Enterprise Backup Agents and execute arbitrary code or crash the system.
Credit:
The information has been provided by Williams, James K.
The original article can be found at: http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33239
Details
Vulnerable Systems:
* BrightStor ARCserve Backup version 11.1
* BrightStor ARCserve Backup version 11.0
* BrightStor ARCserve Backup version 9.01
* BrightStor Enterprise Backup version 10.5
* BrightStor Enterprise Backup version 10
Computer Associates BrightStor ARCserve Backup and BrightStor Enterprise Backup Agents for Windows contain a stack-based buffer overflow vulnerability. The vulnerability may allow remote attackers to execute arbitrary code with SYSTEM privileges, or cause a denial of service condition. The buffer overflow is the result of improper bounds checking performed on data sent to port 6070.
Vendor Status:
The vendor has issued a patch for the vulnerability:
BrightStor ARCserve Backup r11.1 for Windows: http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO70767&startsearch=1
BrightStor ARCserve Backup r11.0 for Windows: http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO70769&startsearch=1
BrightStor ARCserve Backup v9.01 for Windows: http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO70770&startsearch=1
BrightStor Enterprise Backup v10.5 for Windows: http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO70774&startsearch=1
BrightStor Enterprise Backup v10.0 for Windows: http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO70773&startsearch=1
CVE Information:
CAN-2005-1272