|
|
|
|
| |
Credit:
The information has been provided by Ken Williams.
The original article can be found at: https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=209502
|
| |
Vulnerable Systems:
* CA ARCserve Backup r12.0 Windows
* CA ARCserve Backup r12.0 SP 1 Windows
Immune Systems:
* CA ARCserve Backup r11.5 SP 4 Windows
* CA ARCserve Backup r12.0 SP 2 Windows
* CA ARCserve Backup r12.5
CA has issued an update to address the vulnerabilities. The vulnerabilities occur due to insufficient verification of data sent to the message engine. An attacker can make requests that can cause the message engine to crash.
Patch Availability:
CA has issued the following patches to address the vulnerabilities.
CA ARCserve Backup r12.0, r12.0 SP1
Windows: Install Service Pack 2 RO08383.
How to determine if the installation is affected:
CA ARCserve Backup r12.0, r12.0 SP1 Windows:
1. Run the ARCserve Patch Management utility. From the Windows Start menu, the program can be found under Programs->CA->ARCserve Patch Management->Patch Status.
2. The main patch status screen will indicate if the patch in the below table is applied. If the patch is not applied, then the installation is vulnerable.
CVE Information:
CVE-2009-1761
|
|
|
|
|
