CA BrightStor ARCserve Backup Discovery Service Overflow

high Nessus Plugin ID 23841

Synopsis

The remote service is affected by a buffer overflow vulnerability.

Description

According to its version, the installation of BrightStor ARCserve Backup on the remote host allows an attacker to execute arbitrary code on the affected host with SYSTEM privileges due to a buffer overflow that can be triggered by a specially crafted packet sent to the Discovery Service.

Note that the vendor reports only Windows installs are vulnerable.

Solution

Either apply the appropriate patch as described in the vendor advisory referenced above or upgrade to BrightStor ARCserve Backup r11.5 SP2 or later.

See Also

http://www.nessus.org/u?34d9360c

https://www.securityfocus.com/archive/1/archive/1/453916/100/0/threaded

Plugin Details

Severity: High

ID: 23841

File Name: arcserve_discovery_service_overflow.nasl

Version: 1.15

Type: remote

Agent: windows

Family: Windows

Published: 12/12/2006

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.3

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:ca:arcserve_backup

Required KB Items: ARCSERVE/Discovery/Version

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 12/8/2006

Reference Information

CVE: CVE-2006-6379

BID: 21502