|
Family: Gain root remotely --> Category: infos
Computer Associates BrightStor ARCserve Backup Tape Engine Remote Buffer Overflow Vulnerability Vulnerability Scan
Vulnerability Scan Summary Check buffer overflow in BrightStor ARCServe for Windows
Detailed Explanation for this Vulnerability Test
Synopsis :
Arbitrary code can be executed on the remote host.
Description :
This host is running BrightStor ARCServe for Windows.
The remote version of this software is vulnerable to multiple buffer
overflow vulnerabilities in the Tape Engine MSRPC service.
A possible hacker, by sending a specially crafted packet, may be able to
crash the affected service or execute code on the remote host.
See also :
http://www.lssec.com/advisories/LS-20061001.pdf
http://www.securityfocus.com/archive/1/452222/30/0/threaded
https://www.zerodayinitiative.com/advisories/ZDI-07-002.html
https://www.zerodayinitiative.com/advisories/ZDI-07-004.html
http://supportconnectw.ca.com/public/storage/infodocs/babimpsec-notice.asp
Solution :
Apply security patch QO84983.
Threat Level:
Critical / CVSS Base Score : 10
(AV:R/AC:L/Au:NR/C:C/I:C/A:C/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|