Short Name |
APP:CA:ARCSRV:MEDIASERVER-BO |
---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Computer Associates BrightStor ARCserve Media Server Buffer Overflow |
Release Date |
2007/05/30 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
This signature detects attempts to exploit a known vulnerability in CA BrightStor ARCserve Media Server. Due to insufficient boundary checking when processing crafted strings supplied in SUN RPC requests, an unauthenticated attacker can terminate the service or cause a buffer overflow condition resulting in full control of the affected system.
Computer Associates BrightStor ARCServe Media Server is prone to multiple remote buffer-overflow vulnerabilities because it fails to properly bounds-check user-supplied data before copying it into an insufficiently sized memory buffer. A remote attacker may exploit these issues to execute arbitrary code with SYSTEM-level privileges. Successful exploits can result in a complete compromise of affected computers. Failed exploit attempts will likely cause denial-of-service conditions.