Detections
Analytics

CA BrightStor ARCserve Backup Multiple Vulnerabilities (QO92996)

critical Nessus Plugin ID 32398

Language:

Synopsis

The remote software is affected by multiple vulnerabilities.

Description

According to its version, the installation of BrightStor ARCserve Backup on the remote host is affected by multiple issues :

 - A vulnerability in 'caloggerd' could allow an unauthenticated attacker to append data to arbitrary files on the server using log messages with directory traversal sequences, which could lead to a system compromise.

 - Insufficient boundary checks in multiple 'xdr' functions could allow an unauthorized attacker to execute arbitrary code with SYSTEM level privileges or cause a denial of service condition.

Solution

Upgrade to ARCserve Backup r11.5 SP4/ r12.0 or apply vendor-supplied patches.

See Also

https://www.zerodayinitiative.com/advisories/ZDI-08-026/

https://www.zerodayinitiative.com/advisories/ZDI-08-027/

https://seclists.org/bugtraq/2008/May/207

https://seclists.org/bugtraq/2008/May/216

https://seclists.org/bugtraq/2008/May/210

http://www.nessus.org/u?d7e28a0b

Plugin Details

Severity: Critical

ID: 32398

File Name: arcserve_qo92996.nasl

Version: 1.26

Type: remote

Agent: windows

Family: Windows

Published: 5/22/2008

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:ca:arcserve_backup

Required KB Items: ARCSERVE/Discovery/Version

Exploit Ease: No known exploits are available

Reference Information

CVE: CVE-2008-2241, CVE-2008-2242

BID: 29283

CWE: 119, 22

Secunia: 30300