<<< Date Index >>>     <<< Thread Index >>>

CAID 33239 - Computer Associates BrightStor ARCserve/Enterprise Backup Agents buffer overflow vulnerability



Title: Computer Associates BrightStor ARCserve/Enterprise Backup 
Agents buffer overflow vulnerability

CA Vulnerability ID: 33239

Discovery Date: 2005-04-25

Disclosure Date: 2005-08-02

Discovered By: iDEFENSE

Impact: A remote attacker can execute arbitrary code with SYSTEM 
privileges.

Summary: Computer Associates BrightStor ARCserve Backup and 
BrightStor Enterprise Backup Agents for Windows contain a 
stack-based buffer overflow vulnerability. The vulnerability may 
allow remote attackers to execute arbitrary code with SYSTEM 
privileges, or cause a denial of service condition. The buffer 
overflow is the result of improper bounds checking performed on 
data sent to port 6070. 

Severity: Computer Associates has given this vulnerability a 
High risk rating.

Affected Technologies: This vulnerability exists in the 
following BrightStor ARCserve Backup and BrightStor Enterprise 
Backup application agents:

BrightStor ARCserve Backup r11.1:
- BrightStor ARCserve Backup r11.1 Agent for SQL for Windows
- BrightStor ARCserve Backup r11.1 Agent for Oracle for Windows
- BrightStor ARCserve Backup r11.1 Agent for SAP R/3 for Windows
- BrightStor ARCserve Backup r11.1 Agent for Microsoft Exchange 
  Premium Add-on for Windows

BrightStor ARCserve Backup r11.0:
- BrightStor ARCserve Backup Release 11 Agent for SQL for Windows
- BrightStor ARCserve Backup Release 11 Agent for Oracle for 
  Windows
- BrightStor ARCserve Backup Release 11 Agent for SAP R/3 for 
  Windows
- BrightStor ARCserve Backup Release 11 Agent for Microsoft 
  Exchange Premium Add-on for Windows

BrightStor ARCserve Backup v9.01
- BrightStor ARCserve Backup Version 9 Agent for SQL for Windows
- BrightStor ARCserve Backup Version 9 Agent for Oracle for 
  Windows 
- BrightStor ARCserve Backup Version 9 Agent for SAP R/3 for 
  Windows 

BrightStor Enterprise Backup 10.5
- BrightStor Enterprise Backup v10.5 Agent for SQL for Windows
- BrightStor Enterprise Backup v10.5 Agent for Oracle for 
  Windows
- BrightStor Enterprise Backup v10.5 Serverless Backup Agent for 
  Oracle for Windows
- BrightStor Enterprise Backup v10.5 Agent for Oracle for EMC 
  Timefinder for Windows
- BrightStor Enterprise Backup v10.5 Agent for SAP R/3 for 
  NT/2000

BrightStor Enterprise Backup 10
- BrightStor Enterprise Backup Agent for SQL for Windows
- BrightStor Enterprise Backup Agent for Oracle for Windows
- BrightStor Enterprise Backup Agent for SAP R/3 for Oracle and 
  SQL on Windows
- BrightStor Enterprise Backup Agent for Oracle for EMC 
  Timefinder for Windows
- BrightStor Enterprise Backup Serverless Backup Agent for 
  Oracle for Windows

Status: Security updates that completely remediate this 
vulnerability issue are available for all affected products.

Recommendation (note that URLs may wrap): 
Apply the appropriate security update(s).
BrightStor ARCserve Backup r11.1 for Windows:
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO70767&;
startsearch=1
BrightStor ARCserve Backup r11.0 for Windows:
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO70769&;
startsearch=1
BrightStor ARCserve Backup v9.01 for Windows:
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO70770&;
startsearch=1
BrightStor Enterprise Backup v10.5 for Windows:
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO70774&;
startsearch=1
BrightStor Enterprise Backup v10.0 for Windows:
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO70773&;
startsearch=1

CVE Reference: Pending

OSVDB Reference: Pending

Advisory URLs (note that URLs may wrap): 

CA Security Advisor site
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33239

E-News: BrightStor Storage Newsletter v05.11 August 2nd, 2005
http://supportconnectw.ca.com/public/enews/BrightStor/brig080205.asp


Should you require additional information, please contact CA 
Technical Support at http://supportconnect.ca.com.


Respectfully,

Ken Williams ; Dir. Vuln Research 
Computer Associates ; 0xE2941985


Computer Associates International, Inc. (CA). 
One Computer Associates Plaza. Islandia, NY 11749
        
Contact Us http://ca.com/catalk.htm
Legal Notice http://ca.com/calegal.htm
Privacy Policy http://ca.com
Copyright 2005 Computer Associates International, Inc.
All rights reserved