[<prev] [next>] [day] [month] [year] [list]
Message-ID: <649CDCB56C88AA458EFF2CBF494B62040200795D@USILMS12.ca.com>
Date: Thu, 11 Jan 2007 18:17:09 -0500
From: "Williams, James K" <James.Williams@...com>
To: <full-disclosure@...ts.grok.org.uk>
Subject: [CAID 34955, 34956, 34957, 34958, 34959,
34817]: CA BrightStor ARCserve Backup Multiple Overflow
Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Title: [CAID 34955, 34956, 34957, 34958, 34959, 34817]: BrightStor
ARCserve Backup Multiple Overflow Vulnerabilities
CA Vuln ID (CAID): 34955, 34956, 34957, 34958, 34959, 34817
CA Advisory Date: 2007-01-11
Discovered By: TippingPoint, IBM ISS, iDefense Labs
Impact: Remote attacker can execute arbitrary code.
Summary: CA BrightStor ARCserve Backup contains multiple overflow
conditions that can allow a remote attacker to execute arbitrary
code with local SYSTEM privileges on Windows. The BrightStor
ARCserve Backup Tape Engine service, Mediasvr service, and
ASCORE.dll file are affected.
Mitigating Factors: None.
Severity: CA has given these vulnerability issues a High risk
rating.
Affected Products:
BrightStor Products:
BrightStor ARCserve Backup r11.5
BrightStor ARCserve Backup r11.1
BrightStor ARCserve Backup for Windows r11
BrightStor Enterprise Backup r10.5
BrightStor ARCserve Backup v9.01
CA Protection Suites r2 Products:
CA Server Protection Suite r2
CA Business Protection Suite r2
CA Business Protection Suite for Microsoft Small Business
Server Standard Edition r2
CA Business Protection Suite for Microsoft Small Business
Server Premium Edition r2
Affected platforms:
Microsoft Windows
Status and Recommendation:
Customers with vulnerable versions of BrightStor ARCserve Backup
products should apply the appropriate fixes, which are now
available for download at http://supportconnect.ca.com.
BAB r11.5 - QO84983
BAB r11.1 - QO84984
BAB r11.0 - QI82917
BEB r10.5 - QO84986
BAB v9.01 - QO84985
Determining if you are affected:
Refer to the appropriate APAR for details about updated module
versions.
References (URLs may wrap):
CA SupportConnect:
http://supportconnect.ca.com/
CA SupportConnect Security Notice for this vulnerability:
Important Security Notice for BrightStor ARCserve Backup
http://supportconnectw.ca.com/public/storage/infodocs/babimpsec-notice
.asp
CA BrightStor ARCserve Backup Tape Engine Exploit Security Notice
http://supportconnectw.ca.com/public/storage/infodocs/basbrtapeeng-sec
notice.asp
Solution Document Reference APARs:
Q084983, Q084984, QI82917, Q084986, Q084985
CA Security Advisor posting:
BrightStor ARCserve Backup Multiple Overflow Vulnerabilities
http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97428
CAID: 34955, 34956, 34957, 34958, 34959, 34817
CAID Advisory links:
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34955
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34956
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34957
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34958
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34959
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34817
Discoverer: TippingPoint, IBM ISS, iDefense Labs
TippingPoint advisories:
http://www.zerodayinitiative.com/advisories/ZDI-07-002.html
http://www.zerodayinitiative.com/advisories/ZDI-07-003.html
http://www.zerodayinitiative.com/advisories/ZDI-07-004.html
IBM ISS advisories:
http://www.iss.net/threats/252.html
http://www.iss.net/threats/253.html
iDefense Labs:
http://labs.idefense.com/
CVE Reference: CVE-2006-5171, CVE-2006-5172, CVE-2007-0168,
CVE-2007-0169, CVE-2006-6076, CVE-2006-6917
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5171
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5172
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0168
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0169
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6076
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6917
OSVDB Reference: OSVDB ID: 31317, 31318, 31319, 31320, 31327,
30637
http://osvdb.org/31317
http://osvdb.org/31318
http://osvdb.org/31319
http://osvdb.org/31320
http://osvdb.org/31327
http://osvdb.org/30637
Other references:
http://www.lssec.com/advisories/LS-20061001.pdf
http://www.lssec.com/advisories/LS-20060908.pdf
http://www.lssec.com/advisories.html
Changelog for this advisory:
v1.0 - Initial Release
Customers who require additional information should contact CA
Technical Support at http://supportconnect.ca.com.
For technical questions or comments related to this advisory,
please send email to vuln@...com, or contact me directly.
If you discover a vulnerability in CA products, please report
your findings to vuln@...com, or utilize our "Submit a
Vulnerability" form.
URL: http://www3.ca.com/securityadvisor/vulninfo/submit.aspx
Regards,
Ken Williams ; 0xE2941985
Director, CA Vulnerability Research
CA, One CA Plaza. Islandia, NY 11749
Contact http://www3.ca.com/contact/
Legal Notice http://www3.ca.com/legal/
Privacy Policy http://www3.ca.com/privacy/
Copyright © 2007 CA. All rights reserved.
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1
iQA/AwUBRabFdXklkd/ilBmFEQLqSgCfSAL4AOYryDvORCtzJxZgWflj2m0AoJH7
Sehm413jR7GtLovRHXpjfhHL
=hwp5
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists