APP: Computer Associates ARCServer Tape Engine Overflow
This signature detects attempts to exploit a known vulnerability in the Computer Associates BrightStor ARCserve Backup Tape Engine. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the system.
Extended Description
Computer Associates BrightStor ARCserve Backup is affected by a remote buffer-overflow vulnerability because the application fails to perform proper bounds-checking on data supplied to the application. A remote attacker may exploit this issue to execute arbitrary code on a vulnerable computer with SYSTEM privileges. Failed exploit attempts may cause denial-of-service conditions. BrightStore ARCserver Backup 11.5 is vulnerable to this issue; other versions may also be affected.
Affected Products
Computer_associates brightstor_enterprise_backup
References
BugTraq: 21221 22005 22010 22006
CVE: CVE-2007-0169
URL: http://www.lssec.com/advisories/LS-20060908.pdf http://supportconnectw.ca.com/public/storage/infodocs/babsecurity-notice.asp http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34959 http://www.lssec.com/advisories/ls-20060908.pdf http://supportconnectw.ca.com/public/storage/infodocs/babimpsec-notice.asp http://www.zerodayinitiative.com/advisories/zdi-07-004.html
Short Name
APP:CA:ARCSRV:RPC-TAPE-ENG
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
ARCServer Associates CVE-2006-6076 CVE-2006-6917 CVE-2007-0168 CVE-2007-0169 Computer Engine Overflow Tape bid:21221 bid:22005 bid:22006 bid:22010
Release Date
12/27/2006
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3724
False Positive
Unknown
Vendors
Computer_associates
CVSS Score
7.5
10.0