APP: BrightStor ARCserve Backup Arbitrary Command Execution
This signature detects attempts to exploit a known vulnerability against Computer Associate BrightStor ARCserve Backup. A successful attack can lead to arbitrary code execution.
Extended Description
Computer Associates ARCserve Backup is prone to multiple remote vulnerabilities. Successful exploits allow remote attackers to cause denial-of-service conditions or to execute arbitrary commands in the context of the affected application. This may result in a complete compromise of affected computers. The following applications are affected: CA BrightStor ARCserve Backup r11.1, r11.5, r12.0 for Windows CA Server Protection Suite r2 CA Business Protection Suite r2 CA Business Protection Suite for Microsoft Small Business Server Standard Edition r2 CA Business Protection Suite for Microsoft Small Business Server Premium Edition r2
Affected Products
Computer_associates brightstor_arcserve_backup
Short Name
APP:CA:ARCSRV:BACKUP-CMD-EXEC
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
ARCserve Arbitrary Backup BrightStor CVE-2008-4397 Command Execution bid:31684
Release Date
04/22/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Computer_associates
CVSS Score
10.0