TITLE:
CA BrightStor ARCserve Backup Universal Agent Buffer Overflow

SECUNIA ADVISORY ID:
SA14910

VERIFY ADVISORY:
http://secunia.com/advisories/14910/

CRITICAL:
Moderately critical

IMPACT:
System access

WHERE:
From local network

SOFTWARE:
BrightStor Enterprise Backup 10.x
http://secunia.com/product/314/
BrightStor ARCserve Backup 9.x
http://secunia.com/product/313/
BrightStor ARCserve Backup 11.x (for Windows)
http://secunia.com/product/3099/

DESCRIPTION:
A vulnerability has been reported in BrightStor ARCserve/Enterprise
Backup, which can be exploited by malicious people to compromise a
vulnerable system.

The vulnerability is caused due to a boundary error within the
Universal Agent service when receiving certain agent requests. This
can be exploited to cause a buffer overflow via a specially crafted
request containing a certain value in the "option" field and an
overly long string preceding the "option" field.

Successful exploitation allows execution of arbitrary code.

NOTE: Only Windows versions are reportedly affected.

SOLUTION:
Apply patches.

BrightStor ARCserve Backup r11.1 for Windows (all components):
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO66526

BrightStor ARCserve Backup r11.1 Client Agent for Windows only:
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO66527

BrightStor ARCserve Backup r11.1 for Windows - 64 bit edition:
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO66534

BrightStor ARCserve Backup r11.0 for Windows:
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO66525

BrightStor ARCserve Backup r11.0 for Windows - 64 bit edition:
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO66535

BrightStor Enterprise Backup v10.5 for Windows:
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO66524

BrightStor Enterprise Backup v10.5 for Windows - 64 bit edition:
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO66533

BrightStor Enterprise Backup v10.0 for Windows:
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO66523

BrightStor ARCserve Backup v9.01 for Windows English (all components):
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO66528

BrightStor ARCserve Backup v9.01 for Windows Non-English (all components):
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO66529

BrightStor ARCserve Backup v9.01 for Windows - 64 bit edition:
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO66536

BrightStor ARCserve Backup v9.01 Client Agent for Windows only (English):
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO66530

BrightStor ARCserve Backup v9.01 Client Agent for Windows only (Non-English):
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO66531

PROVIDED AND/OR DISCOVERED BY:
Discovered by anonymous person and reported via iDEFENSE.

ORIGINAL ADVISORY:
iDEFENSE:
http://www.idefense.com/application/poi/display?id=232&type=vulnerabilities