CA BrightStor ARCserve Backup Buffer Overflow
Gravité: : Élevé
Identifiant(s) CVE: : CVE-2007-0169
Date du conseil: 21 juillet 2015
Description
Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Server/Business Protection Suite r2 allow remote attackers to execute arbitrary code via RPC requests with crafted data for opnums (1) 0x2F and (2) 0x75 in the (a) Message Engine RPC service, or opnum (3) 0xCF in the Tape Engine service.
Information Exposure Rating:
Apply associated Trend Micro DPI Rules.
Solutions
Trend Micro Deep Security DPI Rule Number: 1000927
Trend Micro Deep Security DPI Rule Name: 1000927 - CA BrightStor ARCserve Backup Message Engine Buffer Overflow
Affected software and version:
- Computer Associates BrightStor ARCserve Backup 11.5
- Computer Associates BrightStor ARCserve Backup 9.01
- Computer Associates Enterprise Backup 10.5
- Computer Associates Server/Business Protection Suite R2