Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: Gain root remotely --> Category: infos

Computer Associates BrightStor ARCserve Backup Tape Engine Remote Buffer Overflow Vulnerability Vulnerability Scan


Vulnerability Scan Summary
Check buffer overflow in BrightStor ARCServe for Windows

Detailed Explanation for this Vulnerability Test

Synopsis :

Arbitrary code can be executed on the remote host.

Description :

This host is running BrightStor ARCServe for Windows.

The remote version of this software is vulnerable to multiple buffer
overflow vulnerabilities in the Tape Engine MSRPC service.

A possible hacker, by sending a specially crafted packet, may be able to
crash the affected service or execute code on the remote host.

See also :

http://www.lssec.com/advisories/LS-20061001.pdf
http://www.securityfocus.com/archive/1/452222/30/0/threaded
https://www.zerodayinitiative.com/advisories/ZDI-07-002.html
https://www.zerodayinitiative.com/advisories/ZDI-07-004.html
http://supportconnectw.ca.com/public/storage/infodocs/babimpsec-notice.asp

Solution :

Apply security patch QO84983.

Threat Level:

Critical / CVSS Base Score : 10
(AV:R/AC:L/Au:NR/C:C/I:C/A:C/B:N)

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.