Signature Detail
Short Name |
APP:ARKEIA:TYPE-77-OF |
|---|---|
Severity |
Critical |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Arkeia Network Backup Type 77 Overflow |
Release Date |
2005/02/23 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: Arkeia Network Backup Type 77 Overflow
This signature detects attempts to exploit a known vulnerability in the Arkeia Network Backup Agent. Versions 5.3.3 and prior are vulnerable. A successful attack can allow attackers to execute programs on the target host with root or system privileges.
Extended Description
The Knox Arkeia Server is prone to a remotely exploitable stack-based buffer overrun. The issue occurs because the software fails to do sufficient bounds checking when handling data contained within a type 77 request packet. A remote attacker may leverage this issue to execute arbitrary code in the context of the vulnerable service.
Affected Products
- Knox Software Arkeia 4.0.0
- Knox Software Arkeia 4.1.0
- Knox Software Arkeia 4.2.0
- Knox Software Arkeia 5.2.0
- Knox Software Arkeia 5.3.0
References
- BugTraq: 12594
- CVE: CVE-2005-0491
- CVE: CVE-2005-0496
- URL: http://securitytracker.com/id?1013256