APP: CA Multiple Products DBASVR RPC Server Crafted Pointer Buffer Overflow

There exists a buffer overflow vulnerability in multiple CA products. The problem specifically exists within DBASVR.exe, the Backup Agent RPC Server. The vulnerability is due to failing to bound check user supplied data in certain RPC requests. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted RPC request to the affected interface. Successful exploitation would may lead to arbitrary code injection and execution with the privileges of the server process, typically System. An attack targeting this vulnerability can result in the injection and execution of code. If code execution is successful, the behaviour of the target will depend on the intention of the attacker. Any code injected will be executed with SYSTEM privileges on the targeted host. In the case of an unsuccessful code execution attack, CA DBASVR RPC Server will be terminated.

Extended Description

Computer Associates BrightStor ARCserve is prone to multiple remote vulnerabilities, including buffer-overflow issues, memory-corruption issues, and privilege-escalation issues. Successful exploits allow remote attackers to cause denial-of-service conditions, execute arbitrary machine code in the context of the affected application, or perform actions with elevated privileges. This may result in a complete compromise of affected computers. The following applications are affected: BrightStor ARCserve Backup v9.01, r11.1, r11.5, r11 for Windows BrightStor Enterprise Backup r10.5 CA Server Protection Suite r2, CA Business Protection Suite r2 CA Business Protection Suite for Microsoft Small Business Server Standard Edition r2 CA Business Protection Suite for Microsoft Small Business Server Premium Edition r2

Affected Products

Computer_associates brightstor_enterprise_backup

References

BugTraq: 26015

CVE: CVE-2007-5329

Short Name
APP:CA:DBASVR-POINT
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
Buffer CA CVE-2007-5329 Crafted DBASVR Multiple Overflow Pointer Products RPC Server bid:26015
Release Date
10/18/2010
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3375
False Positive
Unknown
Vendors

Computer_associates

CVSS Score

10.0

Found a potential security threat?