
| Subject: | Re: CAID 33239 - Computer Associates BrightStor ARCserve/Enterprise Backup Agents buffer overflow vulnerability |
|---|---|
| Date: | Sat, 6 Aug 2005 01:59:47 -0400 |
On August 02, 2005, CA released patches to address a buffer overflow vulnerability in some of the BrightStor ARCserve Backup and BrightStor Enterprise Backup for Windows application agents. The patch for BrightStor ARCserve Backup r11.1 Agent for SQL for Windows (QO70767) did not fully remediate the vulnerability. This patch has now been superseded. Users should apply the new patch immediately.

If you are running BrightStor ARCserve Backup r11.1 Agent for SQL for Windows, please apply the updated patch for BrightStor ARCserve Backup for Windows (QO71010) by downloading it from the location listed below.

BrightStor ARCserve Backup r11.1 for Windows (URL may wrap):
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO71010

References:

CA Security Advisor site
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33239

E-News: BrightStor Storage Newsletter v05.11 August 2nd, 2005
http://supportconnectw.ca.com/public/enews/BrightStor/brig080205.asp

Should you require additional information, please contact CA Technical Support at http://supportconnect.ca.com.

Respectfully,
Ken Williams ; Dir. Vuln Research
Computer Associates ; 0xE2941985

Computer Associates International, Inc. (CA). One Computer Associates Plaza. Islandia, NY 11749
Contact Us http://ca.com/catalk.htm
Legal Notice http://ca.com/calegal.htm
Privacy Policy http://ca.com
Copyright 2005 Computer Associates International, Inc. All rights reserved
-----Original Message-----
From: Williams, James K
Sent: Tuesday, August 02, 2005 2:08 PM
To: 'NTBugtraq@listserv.ntbugtraq.com'
Subject: CAID 33239 - Computer Associates BrightStor ARCserve/Enterprise Backup Agents buffer overflow vulnerability

Title: Computer Associates BrightStor ARCserve/Enterprise Backup Agents buffer overflow vulnerability

CA Vulnerability ID: 33239

Discovery Date: 2005-04-25

Disclosure Date: 2005-08-02

Discovered By: iDEFENSE

Impact: A remote attacker can execute arbitrary code with SYSTEM privileges.

Summary: Computer Associates BrightStor ARCserve Backup and BrightStor Enterprise Backup Agents for Windows contain a stack-based buffer overflow vulnerability. The vulnerability may allow remote attackers to execute arbitrary code with SYSTEM privileges, or cause a denial of service condition. The buffer overflow is the result of improper bounds checking performed on data sent to port 6070.

Severity: Computer Associates has given this vulnerability a High risk rating.
Affected Technologies: This vulnerability exists in the following BrightStor ARCserve Backup and BrightStor Enterprise Backup application agents:

BrightStor ARCserve Backup r11.1:
- BrightStor ARCserve Backup r11.1 Agent for SQL for Windows
- BrightStor ARCserve Backup r11.1 Agent for Oracle for Windows
- BrightStor ARCserve Backup r11.1 Agent for SAP R/3 for Windows
- BrightStor ARCserve Backup r11.1 Agent for Microsoft Exchange Premium Add-on for Windows

BrightStor ARCserve Backup r11.0:
- BrightStor ARCserve Backup Release 11 Agent for SQL for Windows
- BrightStor ARCserve Backup Release 11 Agent for Oracle for Windows
- BrightStor ARCserve Backup Release 11 Agent for SAP R/3 for Windows
- BrightStor ARCserve Backup Release 11 Agent for Microsoft Exchange Premium Add-on for Windows

BrightStor ARCserve Backup v9.01:
- BrightStor ARCserve Backup Version 9 Agent for SQL for Windows
- BrightStor ARCserve Backup Version 9 Agent for Oracle for Windows
- BrightStor ARCserve Backup Version 9 Agent for SAP R/3 for Windows

BrightStor Enterprise Backup 10.5:
- BrightStor Enterprise Backup v10.5 Agent for SQL for Windows
- BrightStor Enterprise Backup v10.5 Agent for Oracle for Windows
- BrightStor Enterprise Backup v10.5 Serverless Backup Agent for Oracle for Windows
- BrightStor Enterprise Backup v10.5 Agent for Oracle for EMC Timefinder for Windows
- BrightStor Enterprise Backup v10.5 Agent for SAP R/3 for NT/2000

BrightStor Enterprise Backup 10:
- BrightStor Enterprise Backup Agent for SQL for Windows
- BrightStor Enterprise Backup Agent for Oracle for Windows
- BrightStor Enterprise Backup Agent for SAP R/3 for Oracle and SQL on Windows
- BrightStor Enterprise Backup Agent for Oracle for EMC Timefinder for Windows
- BrightStor Enterprise Backup Serverless Backup Agent for Oracle for Windows

Status: Security updates that completely remediate this vulnerability issue are available for all affected products.
Recommendation (note that URLs may wrap): Apply the appropriate security update(s).

BrightStor ARCserve Backup r11.1 for Windows:
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO70767&startsearch=1

BrightStor ARCserve Backup r11.0 for Windows:
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO70769&startsearch=1

BrightStor ARCserve Backup v9.01 for Windows:
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO70770&startsearch=1

BrightStor Enterprise Backup v10.5 for Windows:
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO70774&startsearch=1

BrightStor Enterprise Backup v10.0 for Windows:
http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO70773&startsearch=1

CVE Reference: Pending

OSVDB Reference: Pending

Advisory URLs (note that URLs may wrap):

CA Security Advisor site
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33239

E-News: BrightStor Storage Newsletter v05.11 August 2nd, 2005
http://supportconnectw.ca.com/public/enews/BrightStor/brig080205.asp

Should you require additional information, please contact CA Technical Support at http://supportconnect.ca.com.

Respectfully,
Ken Williams ; Dir. Vuln Research
Computer Associates ; 0xE2941985
-- NTBugtraq Editor's Note: Most viruses these days use spoofed email addresses. As such, using an Anti-Virus product which automatically notifies the perceived sender of a message it believes is infected may well cause more harm than good. Someone who did not actually send you a virus may receive the notification and scramble their support staff to find an infection which never existed in the first place. Suggest such notifications be disabled by whomever is responsible for your AV, or at least that the idea is considered. --
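The advisory's summary attributes the flaw to improper bounds checking on data received on the agent's listening port. The following C is an added illustration of that defect class, not CA's code: it assumes a hypothetical request format with a 2-byte big-endian length prefix and a 64-byte stack buffer (AGENT_BUF_SIZE), and places the unchecked copy pattern beside a bounded parser that rejects any request whose claimed length exceeds either the bytes actually received or the buffer's capacity.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical fixed-size stack buffer an agent parses a request into.
 * The size and the 2-byte length-prefixed framing are assumptions for
 * this illustration; they are not the vendor's protocol. */
#define AGENT_BUF_SIZE 64

/* Read the big-endian 16-bit payload length the peer claims in the header. */
static size_t claimed_len(const uint8_t *msg)
{
    return ((size_t)msg[0] << 8) | (size_t)msg[1];
}

/* Unchecked pattern (CWE-121): the copy length is taken straight from the
 * untrusted header, so a header claiming more than AGENT_BUF_SIZE bytes
 * overwrites the stack. Kept only for contrast; nothing below calls it. */
int parse_request_unchecked(const uint8_t *msg, size_t msg_len, char *out)
{
    char buf[AGENT_BUF_SIZE];
    size_t n = claimed_len(msg);
    (void)msg_len;                 /* the received size is never consulted */
    memcpy(buf, msg + 2, n);       /* n is not bounded by sizeof buf */
    buf[n] = '\0';
    strcpy(out, buf);
    return (int)n;
}

/* Hardened form: every copy is bounded by what actually arrived and by the
 * destination capacity. Returns the payload length, or -1 to reject the
 * request (a caller would close the connection and log the peer). */
int parse_request_checked(const uint8_t *msg, size_t msg_len,
                          char *out, size_t out_cap)
{
    char buf[AGENT_BUF_SIZE];
    size_t n;

    if (msg == NULL || out == NULL || msg_len < 2)
        return -1;                 /* no complete header */
    n = claimed_len(msg);
    if (n > msg_len - 2)
        return -1;                 /* header claims more than was received */
    if (n >= sizeof buf || n >= out_cap)
        return -1;                 /* would not fit, NUL terminator included */

    memcpy(buf, msg + 2, n);
    buf[n] = '\0';
    memcpy(out, buf, n + 1);
    return (int)n;
}

/* Constructed sample requests: a benign 5-byte payload, a truncated message
 * whose header claims 0xFFFF bytes, and a fully present 100-byte payload
 * that exceeds the buffer. Each returns the parser's verdict. */
int demo_benign(void)
{
    const uint8_t msg[] = { 0x00, 0x05, 'h', 'e', 'l', 'l', 'o' };
    char out[AGENT_BUF_SIZE];
    int n = parse_request_checked(msg, sizeof msg, out, sizeof out);
    return (n == 5 && strcmp(out, "hello") == 0) ? n : -2;
}

int demo_truncated(void)
{
    const uint8_t msg[] = { 0xFF, 0xFF, 'a' };
    char out[AGENT_BUF_SIZE];
    return parse_request_checked(msg, sizeof msg, out, sizeof out);
}

int demo_oversized(void)
{
    uint8_t msg[2 + 100];
    char out[AGENT_BUF_SIZE];
    msg[0] = 0x00;
    msg[1] = 100;                  /* claims 100 bytes, and all 100 are present */
    memset(msg + 2, 'A', 100);
    return parse_request_checked(msg, sizeof msg, out, sizeof out);
}

int main(void)
{
    printf("benign=%d truncated=%d oversized=%d\n",
           demo_benign(), demo_truncated(), demo_oversized());
    return 0;
}
```

The two rejection checks are independent on purpose: the first catches a header that lies about how much data follows (which would otherwise read past the received buffer), the second catches a payload that is really present but larger than the stack buffer, which is the case that turns into a stack overwrite in the unchecked version.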