Holes in BrightStor ARCserve Backup for Laptops & Desktops
Mark Litchfield of NGS Software Insight Security Research has discovered a remotely exploitable flaw in BrightStor ARCserve Backup for Laptops & Desktops. Apparently, all an attacker needs to do to inject code and execute it with Windows system rights is send a specially prepared packet to LGSERVER.EXE on TCP port 2200, which triggers a buffer overflow on the heap. CA, the software vendor, has provided updates to remedy the flaw. The following versions are affected:
- BrightStor ARCserve Backup for Laptops and Desktops r11.1 SP1
- BrightStor ARCserve Backup for Laptops and Desktops r11.1
- BrightStor ARCserve Backup for Laptops and Desktops r11.0
- BrightStor Mobile Backup r4.0
- CA Desktop Protection Suite r2
- CA Business Protection Suite r2
- CA Business Protection Suite for Microsoft Small Business Server Standard Edition r2
- CA Business Protection Suite for Microsoft Small Business Server Premium Edition r2
- CA Desktop Management Suite DMS r11.0
- CA Desktop Management Suite DMS r11.1

See also:
- Security Advisory by Mark Litchfield
- Important Security Notice for BrightStor ARCserve Backup for Laptops & Desktops from CA
(ehe)