Intrusion PreventionCA.BrightStor.ARCserve.Backup.Tape.Engine.RPC.Memory.Corruption
Description
This indicates an attack attempt against a memory-corruption vulnerability in CA BrightStor ARCserve Backup.
The vulnerability is caused by an error in tapeeng.dll while handling some malicious stub data. By sending a specially crafted RPC request to the Tape Engine, a remote attacker may overflow a buffer and execute arbitrary code on a vulnerable system.
Affected Products
Computer Associates Server Protection Suite r2
Computer Associates Protection Suites r2 0
Computer Associates Business Protection Suite for Microsoft SBS Std Ed r2
Computer Associates Business Protection Suite for Microsoft SBS Pre ed r2
Computer Associates Business Protection Suite r2
Computer Associates BrightStor Enterprise Backup 10.5
Computer Associates BrightStor ARCserve Backup for Windows (All) 11.5
Computer Associates BrightStor ARCServe Backup 11.1
Computer Associates BrightStor ARCServe Backup 9.01
Computer Associates BrightStor ARCServe Backup 11.5
Impact
System Compromise: Remote attackers can gain control of the vulnerable system.
Recommended Actions
CA BrightStor ARCserve Backup r11.5 - Apply patch QO86255 :
CA BrightStor ARCserve Backup r11.1 - Apply patch QO86258 :
CA BrightStor ARCserve Backup r11.0 - Apply patch QI82917 :
CA BrightStor Enterprise Backup r10.5 - Apply patch QO86259 :
CA BrightStor ARCserve Backup v9.01 - Apply patch QO86260 :
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
| ID | 14569 |
| Created | May 16, 2007 |
| Updated | Nov 15, 2021 |
| Risk |
|
| CVE ID | CVE-2007-1447 |
| Exploit Prediction Score | 89.81% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | CA |