Computer Associates ARCserve Backup 'xdr' Function Remote Vulnerability
Gravità: : Medio
Identificatori CVE: CVE-2008-2242
Data notifica: 21 luglio 2015
Descrizione
There exists a buffer overflow vulnerability in CA BrightStor ARCserve Backup. The vulnerability is due to insufficient boundary checks in the xdr_rwsstring() library function. A remote unauthenticated attacker may exploit this vulnerability by sending a long parameter using this function into a daemon to process strings. Successful exploitation of this vulnerability can lead to arbitrary code execution on the vulnerable system in the context of the affected application.
Informazioni esposizione:
Apply associated Trend Micro DPI Rules.
Soluzioni
Trend Micro Deep Security DPI Rule Number: 1002523
Trend Micro Deep Security DPI Rule Name: 1002523 - CA BrightStor ARCserve Backup PortMapper Decoding
Software e versione interessati:
- BrightStor ARCserve Backup 11.x
- BrightStor ARCserve Backup 11.x (for Windows)
- CA Server Protection Suite r2