CVE-2008-2241

Related Files

Zero Day Initiative Advisory 08-027

Posted May 20, 2008

Authored by Damian Put, Tipping Point | Site zerodayinitiative.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Computer Associates ARCserve Backup. Authentication is not required exploit this vulnerability. The specific flaw exists within the caloggerd log daemon during the processing of log messages that contain directory traversal modifiers. A lack of sanity checking on the provided path allows attackers to append arbitrary data to a file of their choosing and can easily result in a full system compromise.

tags | advisory, remote, arbitrary

advisories | CVE-2008-2241

SHA-256 | 87cfdcbb6613e14cedaf10c5b3083bd9012df90c3f6873619469e64a0001b4c8

Download | Favorite | View

CA-caloggerdxdr.txt

Posted May 20, 2008

Authored by Ken Williams | Site www3.ca.com

CA ARCserve Backup contains multiple vulnerabilities that can allow a remote attacker to cause a denial of service or execute arbitrary code. CA has issued patches to address the vulnerabilities. The first vulnerability, CVE-2008-2241, is due to insufficient path verification by the logging service, caloggerd. An attacker can append data to arbitrary files, which can lead to system compromise. The second vulnerability, CVE-2008-2242, is due to insufficient bounds checking by multiple xdr functions. An attacker can cause an overflow and execute arbitrary code.

tags | advisory, remote, denial of service, overflow, arbitrary, vulnerability

advisories | CVE-2008-2241, CVE-2008-2242

SHA-256 | 4e72f135e85d378c8daae3e615f25746727f11c302917fbfcb8e7d99f84d149b

Download | Favorite | View