APP: Computer Associates BrightStor ARCserve Backup caloggerd.exe Null Hostname Denial of Service
This signature detects attempts to exploit a known vulnerability in CA BrightStor ARCserve Backup caloggerd process. An attacker can send a specially crafted RPC request, to exploit a Null dereference issue and create a denial-of-service condition on the affected process.
Extended Description
Computer Associates BrightStor ARCserve Backup is prone to multiple denial-of-service vulnerabilities due to memory-corruption issues caused by errors in processing arguments passed to RPC procedures. A remote attacker may exploit these issues to crash the affected services, resulting in denial-of-service conditions. The following applications are affected: BrightStor ARCserve Backup v9.01, r11.1, r11.5, r11 for Windows BrightStor Enterprise Backup r10.5 CA Server Protection Suite r2, CA Business Protection Suite r2 CA Business Protection Suite for Microsoft Small Business Server Standard Edition r2 CA Business Protection Suite for Microsoft Small Business Server Premium Edition r2
Affected Products
Computer_associates brightstor_arcserve_backup
References
BugTraq: 24017
CVE: CVE-2007-2772
URL: http://securitytracker.com/alerts/2007/May/1018076.html http://www.milw0rm.com/exploits/3939
Short Name
APP:CA:ARCSRV:LOGGERD-DOS
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
ARCserve Associates Backup BrightStor CVE-2007-2772 Computer Denial Hostname Null Service bid:24017 caloggerd.exe of
Release Date
05/30/2007
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3724
Port
tcp/1339
False Positive
Unknown
Vendors
Computer_associates
CVSS Score
7.8