Short Name |
APP:CA:ARCSRV:BCK-MESSAGE |
---|---|
Severity |
Major |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
APP |
Keywords |
CA BrightStor ARCserve Backup Mssage Engine Stack Overflow |
Release Date |
2015/06/14 |
Update Number |
2506 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in the Computer Associates ArcServer. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the system.
Stack-based buffer overflow in the RPC interface for the Message Engine (mediasvr.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a long argument in the 0x10d opnum.