SecurityTracker.com

Category:  Application (Generic)  >  BrightStor ARCserve
Vendors:  Computer Associates
BrightStor ARCserve Tape Engine Buffer Overflow Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1017268
SecurityTracker URL:  http://securitytracker.com/id?1017268
CVE Reference:  CVE-2006-6076
Updated:  Mar 16 2007
Original Entry Date:  Nov 21 2006
Impact:  Execution of arbitrary code via network, Root access via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): 11.5
Description:  A vulnerability was reported in BrightStor ARCserve. A remote user can execute arbitrary code on the target system.

The Tape Engine (tapeeng.exe) does not properly validate RPC requests received on TCP port 6502. A remote user can send specially crafted data to trigger a buffer overflow and execute arbitrary code on the target system. The code will run with System level privileges.

LSsec discovered this vulnerability.

Impact:  A remote user can execute arbitrary code on the target system with System level privileges.
Solution:  The vendor has issued the following fixes, available at:

http://supportconnect.ca.com

BrightStor ARCserve Backup r11.5 - QO86255
BrightStor ARCserve Backup r11.1 - QO86258
BrightStor ARCserve Backup r11.0 - QI82917
BrightStor Enterprise Backup r10.5 - QO86259
BrightStor ARCserve Backup v9.01 - QO86260

The CA advisory is available at:

http://supportconnectw.ca.com/public/storage/infodocs/babtapeng-securitynotice.asp

Vendor URL:  supportconnectw.ca.com/public/storage/infodocs/babtapeng-securitynotice.asp
Cause:  Boundary error
Underlying OS:  Windows (Any)
Reported By:  advisories@lssec.com
Message History:   None.


 Source Message Contents

Date:  Tue, 21 Nov 2006 11:06:58 +0000
From:  advisories@lssec.com
Subject:  LS-20061113 - CA BrightStor ARCserve Backup Remote Buffer Overflow

 
LS-20061113

LSsec has discovered a vulnerability in
Computer Associates BrightStor ARCserve
Backup v11.5, which could be exploited by
an anonymous attacker in order to execute
arbitrary code with SYSTEM privileges on
an affected system.

The flaw specifically exists within the
Tape Engine (tapeeng.exe) due to incorrect
handling of RPC requests on TCP port 6502.

For technical details please visit:

	http://www.lssec.com/charity.html

LSsecurity - LSsec.com

 



Copyright 2006, SecurityGlobal.net LLC