The Message Engine RPC service in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows attackers to execute arbitrary code by using certain insecure method calls to modify the file system and registry, aka Privileged function exposure.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Brightstor_arcserve_backup | Broadcom | 9.01 (including) | 9.01 (including) |
| Brightstor_arcserve_backup | Broadcom | 10.5 (including) | 10.5 (including) |
| Brightstor_arcserve_backup | Broadcom | 11 (including) | 11 (including) |
| Brightstor_arcserve_backup | Broadcom | 11.1 (including) | 11.1 (including) |
| Brightstor_arcserve_backup | Broadcom | 11.5 (including) | 11.5 (including) |
| Brightstor_enterprise_backup | Broadcom | 10.5 (including) | 10.5 (including) |
References
- http://secunia.com/advisories/27192
- http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp
- http://www.securityfocus.com/archive/1/482121/100/0/threaded
- http://www.securityfocus.com/archive/1/484229/100/0/threaded
- http://www.securityfocus.com/bid/26015
- http://www.securitytracker.com/id?1018805
- http://www.vupen.com/english/advisories/2007/3470
- http://www.zerodayinitiative.com/advisories/ZDI-07-069.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37067
- http://secunia.com/advisories/27192
- http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp
- http://www.securityfocus.com/archive/1/482121/100/0/threaded
- http://www.securityfocus.com/archive/1/484229/100/0/threaded
- http://www.securityfocus.com/bid/26015
- http://www.securitytracker.com/id?1018805
- http://www.vupen.com/english/advisories/2007/3470
- http://www.zerodayinitiative.com/advisories/ZDI-07-069.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37067