Re: BrightStor ARCserve Backup buffer overflow PoC

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: BrightStor ARCserve Backup buffer overflow PoC
From: H D Moore <sflist@xxxxxxxxxxxxxxxxxx>
Date: Sat, 12 Feb 2005 21:08:56 -0600
Cc: cybertronic@xxxxxxx
In-reply-to: <20050211181923.27031.qmail@xxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <20050211181923.27031.qmail@xxxxxxxxxxxxxxxxxxxxx>
User-agent: KMail/1.7

Cybertronic has confirmed that this is not the same vulnerability as the 
UDP overflow and that it is not addressed by any available patch from CA.

A module for the Metasploit Framework is available from metasploit.com:
 
http://metasploit.com/projects/Framework/exploits.html#cabrightstor_disco_servicepc

-HD

References:
- BrightStor ARCserve Backup buffer overflow PoC
  - From: cybertronic

Prev by Date: [ GLSA 200502-14 ] mod_python: Publisher Handler vulnerability
Next by Date: Microsoft Baseline Security Analyzer not seeing KB887742 and KB88 6185
Previous by thread: Re: BrightStor ARCserve Backup buffer overflow PoC
Next by thread: Re: BrightStor ARCserve Backup buffer overflow PoC
Index(es):
- Date
- Thread