Intrusion Prevention

CA.BrightStor.ARCserve.Backup.Buffer.Overflow

Description

Computer Associates BrightStor ARCserve Backup is prone to a remote stack-based buffer overflow vulnerability because the application fails to properly check the bounds of user-supplied data prior to copying it to an insufficiently sized buffer.
A successful exploit will allow an attacker to execute arbitrary code with system level privileges.

Affected Products

Computer Associates BrightStor ARCserve Backup Laptop & Desktop 11.1
Computer Associates BrightStor ARCserve Backup Laptop & Desktop 11.0
Computer Associates BrightStor ARCserve Backup Laptop & Desktop 11.1 SP1

Impact

Arbitrary code execution.

Recommended Actions

The vendor has released fixes to address this issue.

CVE References

CVE-2007-0449 CVE-2008-1328