Intrusion PreventionCA.BrightStor.ARCserve.Backup.Tape.Engine.RPC.Code.Execution
Description
This indicates an attack attempt against a buffer-overflow vulnerability in CA BrightStor ARCserve Backup.
The vulnerability is caused by improper bounds checking in the function whose opnum is 0xBF. By sending a specially crafted RPC request to the Tape Engine service, a remote attacker could overflow a buffer and execute arbitrary code on a vulnerable system.
Affected Products
CA BrightStor ARCserve Backup r11.5
CA BrightStor ARCserve Backup r11.1
CA BrightStor ARCserve Backup for Windows r11
CA BrightStor Enterprise Backup r10.5
CA BrightStor ARCserve Backup 9.01
CA Server Protection Suite r2
CA Business Protection Suite r2
CA Business Protection Suite for Microsoft Small Business Server Standard Edition r2
CA Business Protection Suite for Microsoft Small Business Server Premium Edition r2
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the appropriate patch.
BrightStor ARCserve Backup r11.5:
BrightStor ARCserve Backup r11.1:
BrightStor ARCserve Backup for Windows r11:
BrightStor Enterprise Backup r10.5:
BrightStor ARCserve Backup v9.01:
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
| ID | 13783 |
| Created | Feb 08, 2007 |
| Updated | Nov 15, 2021 |
| Risk |
|
| CVE ID | CVE-2007-0168 |
| Exploit Prediction Score | 95.58% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | CA |