Computer Associates (CA) BrightStor Discovery service buffer overflow

brightstor-discovery-bo (19251) The risk level is classified as High.

Description:

BrightStor ARCserve Backup, BrightStor Enterprise Backup and BrightStor ARCserve are vulnerable to a buffer overflow, caused by improper bounds checking in the Discovery service. A remote attacker could exploit this vulnerability to overflow a buffer and possibly cause a denial of service or execute arbitrary code on the system.
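The class of defect the advisory describes, modelled in an added example that is not CA's code and does not reproduce the product's Discovery service: a hypothetical UDP listener whose receive buffer (PROBE_MAX, WIRE_MAX, probe_fits, copy_probe, recv_probe_unsafe and recv_probe_safe are all names invented here) is filled by recvfrom(). The unsafe variant hands recvfrom() a length that is not tied to the buffer; the hardened variant takes the capacity from sizeof at the call site, asks the Linux kernel for the real datagram length with MSG_TRUNC, and drops any probe that did not fit rather than parsing a truncated one.

```c
/* Added example: CWE-120 style length mismatch in a UDP receive path and the
   corrected form. Hypothetical listener, not the BrightStor Discovery service. */
#include <stdio.h>
#include <string.h>
#include <stddef.h>
#include <sys/types.h>
#include <sys/socket.h>

#define PROBE_MAX 64    /* hypothetical size of a valid discovery probe */
#define WIRE_MAX  1024  /* hypothetical "largest datagram we expect on the wire" */

/* Single bounds check shared by both paths: may datagram_len bytes be
   copied into a buffer of cap bytes?  Returns 1 if yes, 0 if not. */
int probe_fits(size_t datagram_len, size_t cap) {
    return datagram_len <= cap;
}

/* Hardened copy into a caller-sized buffer: refuses instead of truncating.
   Returns the number of bytes copied, or -1 when the probe is oversized. */
long copy_probe(unsigned char *dst, size_t cap, const unsigned char *src, size_t len) {
    if (!probe_fits(len, cap)) {
        return -1;  /* oversized probe: drop and log, never parse */
    }
    memcpy(dst, src, len);
    return (long)len;
}

/* Flawed pattern, shown only for contrast: the length argument is an
   independent constant, so a PROBE_MAX-byte buffer is overrun by any
   datagram longer than PROBE_MAX.  Never call this with untrusted input. */
ssize_t recv_probe_unsafe(int fd, unsigned char *buf /* PROBE_MAX bytes */) {
    return recvfrom(fd, buf, WIRE_MAX, 0, NULL, NULL);  /* BUG: WIRE_MAX > PROBE_MAX */
}

/* Hardened receive: capacity comes from the caller's sizeof, and MSG_TRUNC
   (Linux) makes recvfrom() return the full datagram length even when the
   buffer was too small, so an oversized probe is detected and discarded. */
long recv_probe_safe(int fd, unsigned char *buf, size_t cap) {
    ssize_t n = recvfrom(fd, buf, cap, MSG_TRUNC, NULL, NULL);
    if (n < 0) {
        return -1;  /* socket error */
    }
    if (!probe_fits((size_t)n, cap)) {
        fprintf(stderr, "dropped %zd-byte datagram (limit %zu bytes)\n", n, cap);
        return -1;  /* truncated datagram: bytes beyond cap were never written */
    }
    return (long)n;
}

/* Stand-alone demonstration on constructed datagrams (no socket needed). */
int main(void) {
    unsigned char buf[PROBE_MAX];
    unsigned char small_probe[16];
    unsigned char long_probe[200];  /* constructed: longer than PROBE_MAX */

    memset(small_probe, 'A', sizeof small_probe);
    memset(long_probe, 'A', sizeof long_probe);

    printf("16-byte probe  -> %ld\n", copy_probe(buf, sizeof buf, small_probe, sizeof small_probe));
    printf("200-byte probe -> %ld\n", copy_probe(buf, sizeof buf, long_probe, sizeof long_probe));
    return 0;
}
```

The point of the hardened path is that the only length ever passed to recvfrom() is the real capacity of the buffer it writes into; the check on the MSG_TRUNC return value is what turns a silently truncated (and possibly malformed) probe into a logged drop, which is also the signal a defender would want to watch for on the discovery port.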


Consequences:

Gain Access

Remedy:

For BrightStor ARCserve Backup v9.0, r11.0, and r11.1 for Windows:
Upgrade to the latest BrightStor ARCserve Backup for Windows, available from the BrightStor Web site. See References.

BrightStor Enterprise Backup version v10.0 and v10.5 for Windows:
Upgrade to the latest BrightStor Enterprise for Windows, available from the BrightStor Web site. See References.

BrightStor ARCserve Backup version r11.0 and r11.1 for Windows (64 Bit Edition):
Upgrade to the latest BrightStor ARCserve Backup for Windows, available from the BrightStor Web site. See References.

BrightStor Enterprise Backup v10.5 for Windows (64 Bit Edition):
Upgrade to the latest BrightStor Enterprise for Windows (64 Bit Edition), available from the BrightStor Web site. See References.

BrightStor ARCserve Backup v9.01 for Windows (64 Bit Edition):
Upgrade to the latest BrightStor Enterprise for Windows (64 Bit Edition), available from the BrightStor Web site. See References.

BrightStor ARCserve 2000 Backup for Windows (Japanese Only):
Upgrade to the latest BrightStor ARCserve 2000 Backup for Windows (Japanese), available from the BrightStor Web site. See References.

BrightStor ARCserve Backup v9 and r11.1 for NetWare:
Upgrade to the latest BrightStor ARCserve Backup for NetWare, available from the BrightStor Web site. See References.

References:

  • CA SupportConnect Web site: BrightStor updates.
  • BID-12491: BrightStor ARCserve/Enterprise Backup UDP Probe Remote Buffer Overflow Vulnerability
  • CVE-2005-0260: Stack-based buffer overflow in the Discovery Service for BrightStor ARCserve Backup 11.1 and earlier allows remote attackers to execute arbitrary code via a long packet to UDP port 41524, which is not properly handled in a recvfrom call.
  • SA14183: BrightStor ARCserve Backup Discovery Service Buffer Overflow
  • SECTRACK ID: 1013138: BrightStor ARCserve Backup Buffer Overflow in Discovery Service Lets Remote Users Execute Arbitrary Code
  • US-CERT VU#864801: Computer Associates BrightStor ARCserve Backup Discovery Service vulnerable to buffer overflow

Platforms Affected:

  • CA BrightStor ARCserve Backup for NetWare 11.1
  • CA BrightStor ARCserve Backup for NetWare 9
  • CA BrightStor ARCserve Backup for Windows 11
  • CA BrightStor ARCserve Backup for Windows 11.1
  • CA BrightStor ARCserve Backup for Windows 9.0
  • CA BrightStor Enterprise Backup 10.0 Windows
  • CA BrightStor Enterprise Backup 10.5
  • CA BrightStor Enterprise Backup 10.5 Windows

Reported:

Feb 08, 2005

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net