LS-20060330 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

LS-20060330 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability

Subject: LS-20060330 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability
Date: 7 Oct 2006 07:15:17 -0000
From: suppressed

Overview:
LSsec has discovered a vulnerability in Computer Associates BrightStor ARCserve Backup, which could be exploited by an anonymous attacker in order to execute arbitrary code with SYSTEM privileges on an affected system. The flaw specifically exists within the Message Engine (msgeng.exe) due to incorrect handling of RPC requests on TCP port 6503. The interface is identified by
dc246bf0-7a7a-11ce-9f88-00805fe43838. Opnum 45 specifies the vulnerable operation within this interface.

Advisory:

http://www.lssec.com/advisories/LS-20060330.pdf

Prev by Date: Re: net2ftp Remote File Inclusion - bogus report
Next by Date: Vulnerability in Btitracker
Previous by thread: Re: net2ftp Remote File Inclusion - bogus report
Next by thread: Vulnerability in Btitracker
Index(es):
- Date
- Thread

Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.