CA ARCserve Backup Directory Traversal Vulnerability
Publish Date: 21 de июля de 2015
Severity: : Critical
CVE Kennungen: : CVE-2008-4397
Advisory Date: 21 de июля de 2015
DESCRIPTION
Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a .. (dot dot) in an RPC call with opnum 0x10A.
INFORMATION EXPOSURE
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1003158
Trend Micro Deep Security DPI Rule Name: 1003158 - CA ARCserve Backup Directory Traversal Vulnerability
AFFECTED SOFTWARE AND VERSION:
- ca arcserve_backup r11.1
- ca arcserve_backup r11.5
- ca arcserve_backup r12.0
- ca business_protection_suite r2
- ca server_protection_suite r2