Knox Arkeia Backup Client Type 77 Request Processing Buffer Remote Overflow

critical Nessus Plugin ID 17158

Synopsis

The remote backup service is prone to a buffer overflow attack.

Description

The remote host is running the Arkeia Network Backup agent, which is used to back up the remote host.

The remote version of this agent contains a buffer overflow vulnerability that may allow an attacker to execute arbitrary commands on the remote host with the privileges of the Arkeia daemon, usually root.

Solution

Upgrade to Arkeia 5.3.5, 5.2.28 or 5.1.21.

See Also

https://seclists.org/bugtraq/2005/Feb/413

Plugin Details

Severity: Critical

ID: 17158

File Name: arkeia_type77_overflow.nasl

Version: 1.18

Type: remote

Published: 2/21/2005

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 8.4

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2/18/2005

Exploitable With

Core Impact

Metasploit (Arkeia Backup Client Type 77 Overflow (Win32))

Reference Information

CVE: CVE-2005-0491

BID: 12594