CA.BrightStor.ARCserve.Discovery.Buffer.Overflow

Description

This vulnerability is a remote buffer overflow in the BrightStor ARCserve/Enterprise backup software. The application fails to securely copy data received from the network, which allows remote attackers to execute arbitrary commands via a large packet to TCP port 41523. An attacker may execute arbitrary code on a vulnerable computer, potentially facilitating unauthorized superuser access. A denial of service condition may arise as well.

Affected Products

BrightStor ARCServe Backup 9.0 Netware
BrightStor ARCserve Backup (BAB) r11.1 Windows
BrightStor ARCserve Backup 11 for Windows
BrightStor ARCServe Backup 11.1 NetWare
BrightStor ARCserve Backup 9.0 Windows (v9.01)
BrightStor ARCserve Backup r11.1 for Windows 64
BrightStor Enterprise Backup 10.0
BrightStor Enterprise Backup v10.5

Impact

Execution of Arbitrary Code resulting in superuser access.
Denial of Service

Recommended Actions

Apply the patches provided by the vendor:
Computer Associates BrightStor ARCServe Backup for NetWare 9.0:
Computer Associates BrightStor ARCServe Backup for Windows 9.0.1:
Computer Associates BrightStor Enterprise Backup 10.0:
Computer Associates BrightStor Enterprise Backup 10.5:
Computer Associates BrightStor ARCServe Backup for Windows 11.0:
Computer Associates BrightStor ARCServe Backup for Windows 11.1:
Computer Associates BrightStor ARCServe Backup for Windows 64 bit 11.1:
Computer Associates BrightStor ARCServe Backup for NetWare 11.1:

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2020-12-11 16.978