02 February 2007, 12:24
Holes in BrightStor ARCserve Backup for Laptops & Desktops
Mark Litchfield of NGS Software Insight Security Research has discovered a flaw in BrightStor ARCserve Backup for Laptops & Desktops that can be exploited remotely. Apparently, all attackers need to do if they want to inject code and execute it with Windows system rights is send a specially prepared packet to the LGSERVER.EXE at TCP port 2200. They can do so by means of a buffer overflow on the heap. CA, the software vendor, has provided updates to remedy the flaw. The following versions are affected:
- BrightStor ARCserve Backup for Laptops and Desktops r11.1 SP1
- BrightStor ARCserve Backup for Laptops and Desktops r11.1
- BrightStor ARCserve Backup for Laptops and Desktops r11.0
- BrightStor Mobile Backup r4.0
- CA Desktop Protection Suite r2
- CA Business Protection Suite r2
- CA Business Protection Suite for Microsoft Small Business Server Standard Edition r2
- CA Business Protection Suite for Microsoft Small Business Server Premium Edition r2
- CA Desktop Management Suite DMS r11.0
- CA Desktop Management Suite DMS r11.1
- Security Advisory by Mark Litchfield
- Important Security Notice for BrightStor ARCserve Backup for Laptops & Desktops from CA
(ehe)
Print Version | Send by email
| Permalink: http://h-online.com/-732236
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/6/7/2/comingin310_4_kicker-4977194bfb0de0d7.png)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/3/2/3/comingin310_3_kicker-151cd7b9e9660f05.png)
