KLA10093
Multiple vulnerabilities in CA software
Updated: 06/18/2020
Detect date
?
03/20/2007
Severity
?
Critical
Description

Multiple serious vulnerabilities have been found in ARCserve Backup. Malicious users can exploit these vulnerabilities to execute arbitrary code or cause denial of service. Below is a complete list of vulnerabilities

  1. A buffer overflow can be exploited remotely via specially designed RPC requests;
  2. Vectors related to the RPC Server can be exploited remotely via a specially designed TADDR2UADDR;
  3. Vectors related to the Tape Engine can be exploited remotely via a specially designed RPC call.
Affected products

CA BrightStor ARCserve Backup versions 11.5, 11.1, 11.0, 10.5, 9.01

Solution

Update to latest version

Original advisories

CA bulletin

Impacts
?
ACE 
[?]

DoS 
[?]
Related products
BrightStor ARCserve Backup
CVE-IDS
?
CVE-2007-08165.0Critical
CVE-2006-607610.0Critical
CVE-2007-14482.1Warning
CVE-2007-144710.0Critical
Exploitation

The following public exploits exists for this vulnerability:

https://www.exploit-db.com/exploits/3248