DoS vulnerability in CA ARCserve Backup
CA Technologies is warning that some versions of CA ARCserve Backup for Windows contain a security vulnerability (CVE-2012-1662) that could be exploited by a remote attacker to cause a denial-of-service (DoS) condition to disable network services. According to the company, the bug occurs due to insufficient validation of certain types of network requests.
Versions r12.0, r12.0 SP1, r12.0 SP2, r12.5, r12.5 SP1, r15, r15 SP1 and r16 are affected. CA ARCserve Backup for Windows r12.5 SP2 and r16 SP1 are not vulnerable. Fixes have been released to close the hole.
Further information about the problem, including instructions on how to determine if an installation is affected and download links to patches, can be found in the company's security advisory.
See also:
- CA20120320-01: Security Notice for CA ARCserve Backup, security advisory from CA.
(crve)