Multiple vulnerabilities in CA software

Описание

Multiple serious vulnerabilities have been found in ARCserve Backup. Malicious users can exploit these vulnerabilities to execute arbitrary code or cause denial of service. Below is a complete list of vulnerabilities

1. A buffer overflow can be exploited remotely via specially designed RPC requests;
2. Vectors related to the RPC Server can be exploited remotely via a specially designed TADDR2UADDR;
3. Vectors related to the Tape Engine can be exploited remotely via a specially designed RPC call.

Первичный источник обнаружения

• CA bulletin
  

Эксплуатация

Public exploits exist for this vulnerability.

Связанные продукты

• BrightStor-ARCserve-Backup

Список CVE

• CVE-2007-0816
  critical
• CVE-2006-6076
  critical
• CVE-2007-1448
  warning
• CVE-2007-1447
  critical

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com