lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <649CDCB56C88AA458EFF2CBF494B62040200795D@USILMS12.ca.com>
Date: Thu, 11 Jan 2007 18:17:09 -0500
From: "Williams, James K" <James.Williams@...com>
To: <full-disclosure@...ts.grok.org.uk>
Subject: [CAID 34955, 34956, 34957, 34958, 34959,
	34817]: CA BrightStor ARCserve Backup Multiple Overflow
	Vulnerabilities

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Title: [CAID 34955, 34956, 34957, 34958, 34959, 34817]: BrightStor 
ARCserve Backup Multiple Overflow Vulnerabilities

CA Vuln ID (CAID): 34955, 34956, 34957, 34958, 34959, 34817

CA Advisory Date: 2007-01-11

Discovered By: TippingPoint, IBM ISS, iDefense Labs

Impact: Remote attacker can execute arbitrary code.

Summary: CA BrightStor ARCserve Backup contains multiple overflow 
conditions that can allow a remote attacker to execute arbitrary 
code with local SYSTEM privileges on Windows. The BrightStor 
ARCserve Backup Tape Engine service, Mediasvr service, and 
ASCORE.dll file are affected.

Mitigating Factors: None.

Severity: CA has given these vulnerability issues a High risk 
rating.

Affected Products:
BrightStor Products:
   BrightStor ARCserve Backup r11.5
   BrightStor ARCserve Backup r11.1
   BrightStor ARCserve Backup for Windows r11
   BrightStor Enterprise Backup r10.5
   BrightStor ARCserve Backup v9.01
CA Protection Suites r2 Products:
   CA Server Protection Suite r2
   CA Business Protection Suite r2
   CA Business Protection Suite for Microsoft Small Business 
      Server Standard Edition r2
   CA Business Protection Suite for Microsoft Small Business 
      Server Premium Edition r2

Affected platforms:
Microsoft Windows

Status and Recommendation: 
Customers with vulnerable versions of BrightStor ARCserve Backup 
products should apply the appropriate fixes, which are now 
available for download at http://supportconnect.ca.com.
BAB r11.5 - QO84983
BAB r11.1 - QO84984
BAB r11.0 - QI82917
BEB r10.5 - QO84986
BAB v9.01 - QO84985

Determining if you are affected:
Refer to the appropriate APAR for details about updated module 
versions.

References (URLs may wrap): 
CA SupportConnect:
http://supportconnect.ca.com/
CA SupportConnect Security Notice for this vulnerability:
Important Security Notice for BrightStor ARCserve Backup
http://supportconnectw.ca.com/public/storage/infodocs/babimpsec-notice
.asp
CA BrightStor ARCserve Backup Tape Engine Exploit Security Notice
http://supportconnectw.ca.com/public/storage/infodocs/basbrtapeeng-sec
notice.asp
Solution Document Reference APARs: 
Q084983, Q084984, QI82917, Q084986, Q084985
CA Security Advisor posting:
BrightStor ARCserve Backup Multiple Overflow Vulnerabilities
http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97428
CAID: 34955, 34956, 34957, 34958, 34959, 34817
CAID Advisory links: 
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34955
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34956
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34957
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34958
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34959
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34817
Discoverer: TippingPoint, IBM ISS, iDefense Labs
TippingPoint advisories:
http://www.zerodayinitiative.com/advisories/ZDI-07-002.html
http://www.zerodayinitiative.com/advisories/ZDI-07-003.html
http://www.zerodayinitiative.com/advisories/ZDI-07-004.html
IBM ISS advisories:
http://www.iss.net/threats/252.html
http://www.iss.net/threats/253.html
iDefense Labs:
http://labs.idefense.com/
CVE Reference: CVE-2006-5171, CVE-2006-5172, CVE-2007-0168, 
CVE-2007-0169, CVE-2006-6076, CVE-2006-6917
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5171
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5172
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0168
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0169
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6076
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6917
OSVDB Reference: OSVDB ID: 31317, 31318, 31319, 31320, 31327, 
30637
http://osvdb.org/31317
http://osvdb.org/31318
http://osvdb.org/31319
http://osvdb.org/31320
http://osvdb.org/31327
http://osvdb.org/30637
Other references:
http://www.lssec.com/advisories/LS-20061001.pdf
http://www.lssec.com/advisories/LS-20060908.pdf
http://www.lssec.com/advisories.html

Changelog for this advisory:
v1.0 - Initial Release

Customers who require additional information should contact CA 
Technical Support at http://supportconnect.ca.com.

For technical questions or comments related to this advisory,
please send email to vuln@...com, or contact me directly.

If you discover a vulnerability in CA products, please report
your findings to vuln@...com, or utilize our "Submit a 
Vulnerability" form.
URL: http://www3.ca.com/securityadvisor/vulninfo/submit.aspx


Regards,
Ken Williams ; 0xE2941985
Director, CA Vulnerability Research

CA, One CA Plaza. Islandia, NY 11749
	
Contact http://www3.ca.com/contact/
Legal Notice http://www3.ca.com/legal/
Privacy Policy http://www3.ca.com/privacy/
Copyright © 2007 CA. All rights reserved.

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBRabFdXklkd/ilBmFEQLqSgCfSAL4AOYryDvORCtzJxZgWflj2m0AoJH7
Sehm413jR7GtLovRHXpjfhHL
=hwp5
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ