CA.DBASVR.RPC.Server.Crafted.Pointer.Buffer.Overflow

description-logoDescription

This indicates an attempt to exploit a buffer-overflow vulnerability in CA BrightStor ARCServe BackUp and Enterprise Backup.
There is a vulnerability in dbasvr in CA BrightStor ARCServe BackUp and Enterprise Backup. It may allow a remote attacker to gain control of vulnerable systems via specially crafted stub data.

affected-products-logoAffected Products

Computer Associates Server Protection Suite r2
Computer Associates Business Protection Suite for Microsoft SBS Std Ed r2
Computer Associates Business Protection Suite for Microsoft SBS Pre ed r2
Computer Associates Business Protection Suite r2
Computer Associates BrightStor Enterprise Backup 10.5
Computer Associates BrightStor ARCServe Backup for Windows 11.0
Computer Associates BrightStor ARCServe Backup 11.1
Computer Associates BrightStor ARCServe Backup 9.01
Computer Associates BrightStor ARCServe Backup 11.5

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

CA has issued the following patches to address the vulnerabilities:
BrightStor ARCserve Backup r11.5 - QO92996
BrightStor ARCserve Backup r11.1, - QO92849
BrightStor ARCserve Backup r11.0 - Upgrade to 11.1 and apply the latest patches.
BrightStor Enterprise Backup r10.5 - Upgrade to 11.5 and apply the latest patches.
BrightStor ARCserve Backup v9.01 - QO92848
CA Protection Suites r2: QO92996

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)