exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

CA Security Advisory 35198

CA Security Advisory 35198
Posted May 2, 2007
Authored by Ken Williams, Computer Associates | Site www3.ca.com

CA BrightStor ARCserve Backup Media Server contains multiple vulnerabilities that can allow a remote attacker to cause a denial of service or possibly execute arbitrary code. CA has issued patches to address the vulnerabilities.

tags | advisory, remote, denial of service, arbitrary, vulnerability
advisories | CVE-2007-1785, CVE-2007-2139
SHA-256 | 50cf00ebba6e500a55c1f41bdda6ade451e15f3fa8050b06f214c5c44a6563ac

CA Security Advisory 35198

Change Mirror Download

Title: [CAID 35198, 35276]: CA BrightStor ARCserve Backup Media
Server Vulnerabilities

CA Vuln ID (CAID): 35198, 35276

CA Advisory Date: 2007-04-24

Reported By: ZDI

Impact: Remote attackers can cause a denial of service or
potentially execute arbitrary code.

Summary: CA BrightStor ARCserve Backup Media Server contains
multiple vulnerabilities that can allow a remote attacker to cause
a denial of service or possibly execute arbitrary code. CA has
issued patches to address the vulnerabilities. The first
vulnerability, CVE-2007-1785, addresses an issue with the
processing of an object handle. The second vulnerability,
CVE-2007-2139, is due to insufficient bounds checking. In both
cases, a remote unauthenticated attacker can execute arbitrary
code with escalated privileges.

Mitigating Factors: None

Severity: CA has given these vulnerabilities a High risk rating.

Affected Products:
BrightStor Products:
BrightStor ARCserve Backup r11.5
BrightStor ARCserve Backup r11.1
BrightStor ARCserve Backup for Windows r11
BrightStor Enterprise Backup r10.5
BrightStor ARCserve Backup v9.01
CA Protection Suites r2:
CA Server Protection Suite r2
CA Business Protection Suite r2
CA Business Protection Suite for Microsoft Small Business Server
Standard Edition r2
CA Business Protection Suite for Microsoft Small Business Server
Premium Edition r2

Affected Platforms:
Windows

Status and Recommendation:
Customers using vulnerable versions of BrightStor ARCserve Backup
should upgrade with the latest patches, which are available for
download from http://supportconnect.ca.com.
BrightStor ARCserve Backup r11.5 SP3 - QO87569
BrightStor ARCserve Backup r11.5 SP2 - QO87570
BrightStor ARCserve Backup r11.1 - QO87573
BrightStor ARCserve Backup r11.0 - QI82917
BrightStor Enterprise Backup r10.5 - QO87575
BrightStor ARCserve Backup v9.01 - QO87574

How to determine if the installation is affected:
1. Using Windows Explorer, locate the file "mediasvr.exe".
2. By default, the file is located in the
"C:\Program Files\CA\BrightStor ARCserve Backup" directory.
3. Right click on the file and select Properties.
4. Select the General tab.
5. If the file timestamp is earlier than indicated in the table
below, the installation is vulnerable.

Product Version File Name Timestamp File Size
r11.5 SP3 mediasvr.exe 04/03/2007 10:07:58 110592
r11.5 SP2 mediasvr.exe 04/03/2007 10:00:04 106496
r11.1 mediasvr.exe 04/03/2007 09:55:18 106496
r10.5 mediasvr.exe 04/03/2007 09:46:26 106496
v9.01 mediasvr.exe 04/03/2007 09:51:42 9830

Workaround:
CA recommends that BrightStor ARCserve Backup users who cannot
apply the patches at this time implement the following temporary
workaround to mitigate the vulnerability:
1. Rename the "mediasvr.exe" file to a non-functional file name,
such as "mediasvr.exe.disable".
2. Restart the CA BrightStor Tape Engine service.

References (URLs may wrap):
CA SupportConnect:
http://supportconnect.ca.com/
CA SupportConnect Security Notice for this vulnerability:
BrightStor ARCserve Backup Media Server Security Notice
http://supportconnectw.ca.com/public/storage/infodocs/babmedser-secnotice.asp
Solution Document Reference APARs:
QO87569, QO87570, QO87573, QI82917, QO87575, QO87574
CA Security Advisor posting:
CA BrightStor ARCserve Backup Media Server Vulnerabilities
http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=136549
CAID: 35198, 35276
CAID Advisory links:
http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35198
http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35276
Reported By: ZDI
ZDI Advisory: ZDI-07-022
http://www.zerodayinitiative.com/advisories/ZDI-07-022.html
CVE References: CVE-2007-1785, CVE-2007-2139
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1785
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2139
OSVDB References: OSVDB-34126, OSVDB-34127
http://osvdb.org/34126
http://osvdb.org/34127

Changelog for this advisory:
v1.0 - Initial Release

Customers who require additional information should contact CA
Technical Support at http://supportconnect.ca.com.

For technical questions or comments related to this advisory, please
send email to vuln AT ca DOT com.

If you discover a vulnerability in CA products, please report your
findings to vuln AT ca DOT com, or utilize our "Submit a Vulnerability"
form.
URL: http://www3.ca.com/securityadvisor/vulninfo/submit.aspx


Regards,
Ken Williams ; 0xE2941985
Director, CA Vulnerability Research

CA, 1 CA Plaza, Islandia, NY 11749

Contact http://www.ca.com/us/contact/
Legal Notice http://www.ca.com/us/legal/
Privacy Policy http://www.ca.com/us/privacy/
Copyright (c) 2007 CA. All rights reserved.
Login or Register to add favorites

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    7 Files
  • 23
    May 23rd
    111 Files
  • 24
    May 24th
    27 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    6 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close