<<< Date Index >>>     <<< Thread Index >>>

Release of Arkeia Network Backup 5.3.5 fixes security issue [bugtraq id 12594]




After carefully examining issues recently discussed in public technical forums, 
Arkeia Corp. has immediately released a new version to block any potential 
invasion of Arkeia protected networks.

ANB 5.3.5 fixes a buffer overflow bug that could allow a remote attacker to 
remotely execute arbitrary code, and thereby get root access to the machine.

The fix is also applicable to previous versions of Arkeia (5.1, 5.2, Arkeia 
Light). The appropriate packages can be found on the Arkeia websites:

    * http://www.arkeia.com/donwload/anb/ (Version 5.3.5)
    * http://www.arkeia.com/donwload/52/ (Version 5.2.28)
    * http://www.arkeia.com/donwload/51/ (Version 5.1.21) 


For Arkeia light: http://www.arkeia.org/download/light/

If you are using Arkeia in an untrusted environment such as a publicly 
accessible Web server or corporate mail gateway, it is strongly advised to 
upgrade to this version. The bug is in the arkeiad daemon process, making it 
necessary to upgrade all the sensitive client machines.

Arkeia users should also remember to take into account Arkeia security 
recommendations in the Arkeia User Manual "Appendix B: System Security." We 
urge you to read again the sections describing how to secure Arkeia against 
system-level intrusion.
Arkeia_User_Manual.pdf
-> Arkeia_User_Manual.pdf
or http://www.arkeia.com/manuals.html

To stay up-to-date on all new releases and upgrades of Arkeia Enterprise 
Solutions, you can subscribe to Arkeia Announcements at 
http://www.arkeia.com/mailinglists/