CA BrightStor ARCserve Backup Universal Agent Remote Overflow (QO66526)

critical Nessus Plugin ID 18041

Synopsis

Arbitrary code can be executed on the remote host.

Description

This host is running BrightStor ARCServe UniversalAgent.

The remote version of this software is affected by a buffer overflow vulnerability.

An attacker, by sending a specially crafted packet, may be able to execute code on the remote host.

Solution

Upgrade to the newest version of this software, when available

See Also

https://www.securityfocus.com/archive/1/395512

Plugin Details

Severity: Critical

ID: 18041

File Name: arcserve_universalagent_overflow.nasl

Version: 1.21

Type: remote

Agent: windows

Family: Windows

Published: 4/13/2005

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.8

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: ARCSERVE/UniversalAgent

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 4/11/2005

Exploitable With

Metasploit (CA BrightStor Universal Agent Overflow)

Reference Information

CVE: CVE-2005-1018

BID: 13102