Computer Associates ARCserve Backup 'xdr' Function Remote Vulnerability
Publish Date: 21 Juli 2015
Schweregrad:: Mittel
CVE Kennungen:: CVE-2008-2242
Hinweisdatum: 21 Juli 2015
Beschreibung
There exists a buffer overflow vulnerability in CA BrightStor ARCserve Backup. The vulnerability is due to insufficient boundary checks in the xdr_rwsstring() library function. A remote unauthenticated attacker may exploit this vulnerability by sending a long parameter using this function into a daemon to process strings. Successful exploitation of this vulnerability can lead to arbitrary code execution on the vulnerable system in the context of the affected application.
Trend Micro Lösungen
Apply associated Trend Micro DPI Rules.
Lösungen
Trend Micro Deep Security DPI Rule Number: 1002523
Trend Micro Deep Security DPI Rule Name: 1002523 - CA BrightStor ARCserve Backup PortMapper Decoding
Betroffene Software und Version:
- BrightStor ARCserve Backup 11.x
- BrightStor ARCserve Backup 11.x (for Windows)
- CA Server Protection Suite r2