APP: CA BrightStor ARCserve Backup Mssage Engine Stack Overflow

This signature detects attempts to exploit a known vulnerability in the Computer Associates ArcServer. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the system.

Extended Description

Stack-based buffer overflow in the RPC interface for the Message Engine (mediasvr.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a long argument in the 0x10d opnum.

Affected Products

Broadcom brightstor_arcserve_backup

References

BugTraq: 26015

CVE: CVE-2007-5327

Short Name
APP:CA:ARCSRV:BCK-MESSAGE
Severity
Major
Recommended
True
Recommended Action
Drop
Category
APP
Keywords
ARCserve Backup BrightStor CA CVE-2007-5327 Engine Mssage Overflow Stack bid:26015
Release Date
06/14/2015
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3372
Port
TCP/6504
False Positive
Unknown
Vendors

Broadcom

CVSS Score

10.0

Found a potential security threat?