APP: CA BrightStor ARCserve Backup Message Engine Insecure Method Exposure

There exist unsecured Remote Procedure Call (RPC) methods in the Message Engine service of CA BrightStor Backup product. An unauthenticated remote attacker can send malicious requests to the affected interface to exploit this vulnerability. Successful attack could allow for file system and registry manipulation that leads to complete compromise of the target system. In a successful attack case, the unauthorized attacker can execute System-privileged commands on the target host. These commands are related to file system and registry access and modification, for example, deleting a file from the file system.

Extended Description

Computer Associates BrightStor ARCserve is prone to multiple remote vulnerabilities, including buffer-overflow issues, memory-corruption issues, and privilege-escalation issues. Successful exploits allow remote attackers to cause denial-of-service conditions, execute arbitrary machine code in the context of the affected application, or perform actions with elevated privileges. This may result in a complete compromise of affected computers. The following applications are affected: BrightStor ARCserve Backup v9.01, r11.1, r11.5, r11 for Windows BrightStor Enterprise Backup r10.5 CA Server Protection Suite r2, CA Business Protection Suite r2 CA Business Protection Suite for Microsoft Small Business Server Standard Edition r2 CA Business Protection Suite for Microsoft Small Business Server Premium Edition r2

Affected Products

Computer_associates brightstor_enterprise_backup

References

BugTraq: 26015

CVE: CVE-2007-5328

Short Name

APP:CA:ARCSRV:METHOD-EXPOSURE

Severity

Critical

Recommended

False

Recommended Action

Drop

APP: CA BrightStor ARCserve Backup Message Engine Insecure Method Exposure

Extended Description

Affected Products

References

Found a potential security threat?