Buffer overflow in the BrightStor Backup Discovery Service in multiple CA products, including ARCserve Backup r11.5 SP1 and earlier, ARCserve Backup 9.01 up to 11.1, Enterprise Backup 10.5, and CA Server Protection Suite r2, allows remote attackers to execute arbitrary code via unspecified vectors.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Brightstor_arcserve_backup | Broadcom | 9.01 (including) | 9.01 (including) |
| Brightstor_arcserve_backup | Broadcom | 11 (including) | 11 (including) |
| Brightstor_arcserve_backup | Broadcom | 11.1 (including) | 11.1 (including) |
| Brightstor_arcserve_backup | Broadcom | 11.5 (including) | 11.5 (including) |
| Brightstor_arcserve_backup | Broadcom | 11.5-sp1 (including) | 11.5-sp1 (including) |
| Brightstor_enterprise_backup | Broadcom | 10.5 (including) | 10.5 (including) |
| Server_protection_suite | Broadcom | 2 (including) | 2 (including) |
References
- http://securityreason.com/securityalert/2010
- http://securitytracker.com/id?1017356
- http://supportconnectw.ca.com/public/storage/infodocs/babsecurity-notice.asp
- http://www.osvdb.org/30775
- http://www.securityfocus.com/archive/1/453916/100/0/threaded
- http://www.securityfocus.com/bid/21502
- http://www.vupen.com/english/advisories/2006/4910
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30791
- http://securityreason.com/securityalert/2010
- http://securitytracker.com/id?1017356
- http://supportconnectw.ca.com/public/storage/infodocs/babsecurity-notice.asp
- http://www.osvdb.org/30775
- http://www.securityfocus.com/archive/1/453916/100/0/threaded
- http://www.securityfocus.com/bid/21502
- http://www.vupen.com/english/advisories/2006/4910
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30791