Computer Associates ARCserve Backup 'xdr' Function Remote Vulnerability
2015年7月21日
危険度: : 中
CVE識別番号: CVE-2008-2242
概要
There exists a buffer overflow vulnerability in CA BrightStor ARCserve Backup. The vulnerability is due to insufficient boundary checks in the xdr_rwsstring() library function. A remote unauthenticated attacker may exploit this vulnerability by sending a long parameter using this function into a daemon to process strings. Successful exploitation of this vulnerability can lead to arbitrary code execution on the vulnerable system in the context of the affected application.
トレンドマイクロの対策
Apply associated Trend Micro DPI Rules.
対応方法
Trend Micro Deep Security DPI Rule Number: 1002523
Trend Micro Deep Security DPI Rule Name: 1002523 - CA BrightStor ARCserve Backup PortMapper Decoding
影響を受けるソフトウェア
- BrightStor ARCserve Backup 11.x
- BrightStor ARCserve Backup 11.x (for Windows)
- CA Server Protection Suite r2