Intrusion Prevention

CA.BrightStor.ARCServe.Backup.Laptops.Desktops.Buffer.Overflow

Description

This indicates a possible attempt to exploit a buffer-overflow vulnerability in CA ARCserve Backup for Laptops and Desktops.
The vulnerability is located in rxRPC.dll and is triggered when the library handles overly long arguments to the rxsUseLicenseIni RPC command. It may allow remote attackers to execute arbitrary code in the context of the application. Failed exploit attempts will likely cause the program to crash, resulting in a denial-of-service condition.

Affected Products

Computer Associates BrightStor ARCserve Backup Laptop & Desktop 11.1
Computer Associates BrightStor ARCserve Backup Laptop & Desktop 11.0
Computer Associates BrightStor ARCserve Backup Laptop & Desktop 11.1 SP2
Computer Associates BrightStor ARCserve Backup Laptop & Desktop 11.1 SP1
Computer Associates BrightStor ARCserve Backup for Laptops and Desktop 11.5

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the patch, available from the web site:
CA ARCserve Backup for Laptops and Desktops (BMB) r4.0: QO91013
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO91013
CA ARCserve Backup for Laptops and Desktops 11.1: QO91014
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO91014
CA ARCserve Backup for Laptops and Desktops 11.5: QO91015
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO91015

CVE References

CVE-2007-3216