This Metasploit module exploits a buffer overflow in Computer Associates BrightStor ARCserve Backup 11.1 - 11.5 SP2. By sending a specially crafted RPC request, an attacker could overflow the buffer and execute arbitrary code.
38992c01beb75cb04dd805a9bcadb1dab7921b19db704a8f59418f9d845fc536
CA BrightStor ARCserve Backup contains multiple overflow conditions that can allow a remote attacker to execute arbitrary code with local SYSTEM privileges on Windows. The BrightStor ARCserve Backup Tape Engine service, Mediasvr service, and ASCORE.dll file are affected.
277d1dc497086cde18530d9b1513f826b6a78561bd1e1048a84224d877383608
A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Computer Associates BrightStor ARCserve Backup. User interaction is not required to exploit this vulnerability. The specific flaw exists in the Tape Engine RPC service which listens by default on TCP port 6503. Affected include BrightStor ARCserve Backup r11.5, BrightStor ARCserve Backup r11.1, BrightStor ARCserve Backup r11, BrightStor Enterprise Backup r10.5, and BrightStor ARCserve Backup v9.01.
989087a7ed2d42991f6c3cdb64913d73a610e31e9ff390c4654a2792a1d17e52
A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Computer Associates BrightStor ARCserve Backup. User interaction is not required to exploit this vulnerability. The specific flaws exists in the Message Engine RPC service which listens by default on TCP ports 6503 and 6504. Affected include BrightStor ARCserve Backup r11.5, BrightStor ARCserve Backup r11.1, BrightStor ARCserve Backup r11, BrightStor Enterprise Backup r10.5, and BrightStor ARCserve Backup v9.01.
9b55a07b1f727791ae4ace2201edb7d2cac96bc0b34845f31c6f01a415a4807e