CA BrightStor ARCserve Backup Buffer Overflow
Severity: : High
CVE Kennungen: : CVE-2007-0169
Advisory Date: 21 de lipca de 2015
DESCRIPTION
Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Server/Business Protection Suite r2 allow remote attackers to execute arbitrary code via RPC requests with crafted data for opnums (1) 0x2F and (2) 0x75 in the (a) Message Engine RPC service, or opnum (3) 0xCF in the Tape Engine service.
INFORMATION EXPOSURE
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1000927
Trend Micro Deep Security DPI Rule Name: 1000927 - CA BrightStor ARCserve Backup Message Engine Buffer Overflow
AFFECTED SOFTWARE AND VERSION:
- Computer Associates BrightStor ARCserve Backup 11.5
- Computer Associates BrightStor ARCserve Backup 9.01
- Computer Associates Enterprise Backup 10.5
- Computer Associates Server/Business Protection Suite R2