Intrusion Prevention

CA.BrightStor.ARCserve.Backup.caloggerd.Buffer.Overflow

Description

This indicates an attempt to exploit a buffer-overflow vulnerability in CA BrightStor ARCserve Backup.
The vulnerability is caused by a boundary error that occurs when the vulnerable software's logging service, known as caloggerd, handles a long Sun-RPC string parameter. A remote attacker can execute arbitrary code by sending a crafted RPC request.

Affected Products

CA BrightStor ARCServe Backup 11.1
CA BrightStor ARCServe Backup 11.5

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Refer to the vendor's web site for the suggested workaround:
https://support.ca.com/irj/portal/anonymous/

CVE References

CVE-2008-2241