MS-RPC: CA BrightStor ARCserve Backup Message Engine Stack Overflow
This signature detects attempts to exploit a known vulnerability in the Computer Associates ArcServer. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the system.
Extended Description
Computer Associates BrightStor ARCserve is prone to multiple remote vulnerabilities, including buffer-overflow issues, memory-corruption issues, and privilege-escalation issues. Successful exploits allow remote attackers to cause denial-of-service conditions, execute arbitrary machine code in the context of the affected application, or perform actions with elevated privileges. This may result in a complete compromise of affected computers. The following applications are affected: BrightStor ARCserve Backup v9.01, r11.1, r11.5, r11 for Windows BrightStor Enterprise Backup r10.5 CA Server Protection Suite r2, CA Business Protection Suite r2 CA Business Protection Suite for Microsoft Small Business Server Standard Edition r2 CA Business Protection Suite for Microsoft Small Business Server Premium Edition r2
Affected Products
Computer_associates brightstor_enterprise_backup
References
BugTraq: 26015
CVE: CVE-2007-5327
URL: http://www.frsirt.com/english/advisories/2007/3470 http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp http://www.fortiguardcenter.com/advisory/FGA-2007-11.html http://lists.grok.org.uk/pipermail/full-disclosure/2007-october/066528.html
Short Name
MS-RPC:CA-ARCSRV-BCK-MSG-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
MS-RPC
Keywords
ARCserve Backup BrightStor CA CVE-2007-5327 Engine Message Overflow Stack bid:26015
Release Date
12/21/2007
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3724
False Positive
Unknown
Vendors
Computer_associates
CVSS Score
10.0