KLA10093
Multiple vulnerabilities in CA software
Обновлено: 17/06/2019
Дата обнаружения
20/03/2007
Уровень угрозы
Critical
Описание

Multiple serious vulnerabilities have been found in ARCserve Backup. Malicious users can exploit these vulnerabilities to execute arbitrary code or cause denial of service. Below is a complete list of vulnerabilities

  1. A buffer overflow can be exploited remotely via specially designed RPC requests;
  2. Vectors related to the RPC Server can be exploited remotely via a specially designed TADDR2UADDR;
  3. Vectors related to the Tape Engine can be exploited remotely via a specially designed RPC call.
Пораженные продукты

CA BrightStor ARCserve Backup versions 11.5, 11.1, 11.0, 10.5, 9.01

Решение

Update to latest version

Первичный источник обнаружения
CA bulletin
Оказываемое влияние
?
ACE 
[?]

DoS 
[?]
Связанные продукты
BrightStor ARCserve Backup
CVE-IDS
CVE-2007-08165.0Critical
CVE-2006-607610.0Critical
CVE-2007-14482.1Warning
CVE-2007-144710.0Critical