Check Point Advisories

Update Protection against CA BrightStor ARCserve Backup XDR Parsing Buffer Overflow Vulnerability

Check Point Reference: CPAI-2008-100
Date Published: 8 Jul 2008
Severity: High
Last Updated: Sunday 20 July, 2008
Source: Secunia Advisory: SA30300
Industry Reference:CVE-2008-2242
Protection Provided by:
Who is Vulnerable? CA ARCserve Backup r11.0
CA ARCserve Backup r11.1
CA ARCserve Backup r11.5
CA Server Protection Suite r2
CA Business Protection Suite r2
CA Business Protection Suite for Microsoft Small Business Server Premium Edition r2
CA Business Protection Suite for Microsoft Small Business Server Standard Edition r2
Vulnerability Description A buffer overflow vulnerability has been discovered in CA BrightStor ARCserve Backup. Computer Associates (CA) provides a group of security and management products for enterprise as well as individual clients. CA BrightStor ARCserve Backup provides centralized control over a series of distributed operations including Backup and Restore, Data Migration, and Threat Management. A remote attacker may exploit this vulnerability to execute arbitrary code on a vulnerable system.
Update/Patch AvaliableApply patches:
Vulnerability DetailsThe vulnerability is due to boundary errors in CA BrightStor ARCserve Backup in the xdr_rwsstring library function. A remote attacker might exploit this vulnerability by sending a long parameter into a daemon using this function to process strings. Successful exploitation of this issue allows the attacker to execute arbitrary code on the vulnerable system.

Protection Overview

This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.