Main Menu

Free Services

Critical Alerts

- 28 May 2008

Adobe Flash Player Unspecified Remote Code Execution Vulnerability

 

- 11 Mar 2008

Microsoft Excel Multiple Remote Code Execution Vulnerabilities

 

- 16 Jan 2008

Microsoft Excel File Handling Remote Arbitrary Code Execution Vulnerability

 

- 13 Dec 2007

JustSystems Ichitaro "JSGCI.DLL" Document Processing Remote Buffer Overflow Vulnerability

 

- 11 Dec 2007

Microsoft Internet Explorer Multiple Remote Memory Corruption Vulnerabilities

 

Advisories » BrightStor ARCserve Backup for Laptops & Desktops Vulnerabilities

 

Release Date: 24/01/2007 Severity: Moderately Critical Moderately Critical
SecWatch Advisory: SWID1016821 Cause: Not specified
Solution Status: Vendor Patch Impact: Denial of service
Execution of arbitrary code
Exploit Status: None Available Access Vector: From local network
 
Affected Software: BrightStor ARCserve Backup for Laptops & Desktops 11.x
 

 

Description:

Some vulnerabilities have been reported in BrightStor ARCserve Backup for Laptops & Desktops, which can be exploited by local users to trigger denial of service conditions or compromise a vulnerable system.

The vulnerabilities are caused due to unspecified errors and can be exploited to crash certain services or cause buffer overflows, which allow execution of arbitrary code. No further information is currently available.

 

Affected:

BrightStor ARCserve Backup for Laptops and Desktops r11.1 SP1 (SP2 is not affected)
BrightStor ARCserve Backup for Laptops and Desktops r11.1
BrightStor ARCserve Backup for Laptops and Desktops r11.0
BrightStor Mobile Backup r4.0
CA Desktop Protection Suite r2
CA Business Protection Suite r2
CA Business Protection Suite for Microsoft Small Business Server Standard Edition r2
CA Business Protection Suite for Microsoft Small Business Server Premium Edition r2
Desktop Management Suite r11.0
Desktop Management Suite r11.1

 

Solution:

The vulnerabilities have been fixed, apply fixes:

BrightStor ARCserve Backup for Laptops and Desktops r11.1 SP1:
http://supportconnect.ca.com/s...ge=search&searchID=QO83833

BrightStor ARCserve Backup for Laptops and Desktops r11.0:
http://supportconnect.ca.com/s...ge=search&searchID=QI85497

BrightStor Mobile Backup r4.0:
http://supportconnect.ca.com/s...ge=search&searchID=QO85402

CA Desktop Management Suite r11.0:
http://supportconnect.ca.com/s...ge=search&searchID=QI85423

CA Desktop Management Suite r11.1:
http://supportconnect.ca.com/s...ge=search&searchID=QO85401

 

Credits:

The vendor credits NGSSoftware.

 

Free Vulnerability Notification Service

Receive free instant and customisable notifications of new vulnerabilities or exploits via e-mail, web or RSS feeds. Click here for more information.

 

Related Vulnerabilities and Exploits

17 Apr 08: CA Products DSM gui_cm_ctrls ActiveX Control Remote Code Executio..

17 Mar 08: CA BrightStor ARCserve Backup "ListCtrl" ActiveX Control Remote B..

16 Mar 08: CA BrightStor ARCserve Backup r11.5 Ac.. (ARCserve_AddColumn_BoF.html)

11 Jun 07: BrightStor ARCserve Backup for Laptops & Desktops Unspecified Arb..

24 Jan 06: CA Products iGateway Service Content-Length Buffer Overflow Vulne..

[more ...]