Credit:
The information has been provided by ZeroDay Initiative.
The original article can be found at: http://www.zerodayinitiative.com/advisories/ZDI-07-022.html
Vulnerable Systems:
* BrightStor ARCserve Backup release 11.5 SP2
* BrightStor ARCserve Backup release 11.5
* BrightStor ARCserve Backup release 11.1
* BrightStor ARCserve Backup release 11 for Windows
* BrightStor Enterprise Backup release 10.5
* BrightStor ARCserve Backup version 9.01
* CA Server Protection Suite release 2
* CA Business Protection Suite release 2
The specific flaw exists in the SUN RPC service which binds to a randomly chosen high TCP port. The target port can be obtained by querying the port mapper. Multiple stack-based buffer overflows exist during the parsing of malformed RPC strings. Exploitation of these overflows can result in arbitrary code execution.
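As an added example (not part of the advisory and not CA's code), the following is a bounds-checked decoder for the XDR string type that SUN RPC messages carry; it shows the length checks whose absence produces exactly this class of stack overflow. The sample messages are constructed, not captured traffic.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* XDR string on the wire (RFC 4506): 4-byte big-endian length, the bytes,
 * then zero padding to a 4-byte boundary. A decoder that trusts the declared
 * length and copies into a fixed-size stack buffer is the classic overflow
 * pattern; this version validates every bound before touching memory.
 * Returns 0 and advances *pos on success, -1 on a malformed string. */
int xdr_decode_string(const uint8_t *buf, size_t buflen, size_t *pos,
                      char *out, size_t outcap)
{
    if (outcap == 0 || *pos > buflen || buflen - *pos < 4)
        return -1;                     /* no room for the length field */
    const uint8_t *p = buf + *pos;
    uint32_t len = ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
                   ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
    if (len >= outcap)
        return -1;                     /* would not fit with the NUL */
    size_t padded = ((size_t)len + 3) & ~(size_t)3;
    if (buflen - *pos - 4 < padded)
        return -1;                     /* declared length exceeds message */
    memcpy(out, p + 4, len);
    out[len] = '\0';
    *pos += 4 + padded;
    return 0;
}

/* Constructed samples: a well-formed 5-byte string, and a message that
 * declares 40 bytes but carries only 4 (must be rejected, not copied). */
static const uint8_t GOOD_MSG[]  = { 0,0,0,5, 'h','e','l','l','o', 0,0,0 };
static const uint8_t SHORT_MSG[] = { 0,0,0,40, 'A','B','C','D' };

/* 1 if the decoder accepts GOOD_MSG exactly and rejects SHORT_MSG, else 0. */
int demo(void)
{
    char name[64];
    size_t pos = 0;
    int ok_good = xdr_decode_string(GOOD_MSG, sizeof GOOD_MSG, &pos,
                                    name, sizeof name) == 0
                  && strcmp(name, "hello") == 0 && pos == 12;
    pos = 0;
    int rej_short = xdr_decode_string(SHORT_MSG, sizeof SHORT_MSG, &pos,
                                      name, sizeof name) == -1;
    return ok_good && rej_short;
}

int main(void) { printf("%s\n", demo() ? "checks hold" : "checks FAILED"); return 0; }
```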
Vendor Response:
Computer Associates has issued an update to correct this vulnerability. More details can be found at: http://supportconnectw.ca.com/public/storage/infodocs/babmedser-secnotice.asp
CVE Information:
CVE-2007-2139
Disclosure Timeline:
2007.03.08 - Vulnerability reported to vendor
2007.04.19 - Digital Vaccine released to TippingPoint customers
2007.04.24 - Coordinated public release of advisory