Signature Detail

APP: BrightStor ARCserve Backup Arbitrary Command Execution

This signature detects attempts to exploit a known vulnerability against Computer Associate BrightStor ARCserve Backup. A successful attack can lead to arbitrary code execution.

Extended Description

Computer Associates ARCserve Backup is prone to multiple remote vulnerabilities. Successful exploits allow remote attackers to cause denial-of-service conditions or to execute arbitrary commands in the context of the affected application. This may result in a complete compromise of affected computers. The following applications are affected: CA BrightStor ARCserve Backup r11.1, r11.5, r12.0 for Windows CA Server Protection Suite r2 CA Business Protection Suite r2 CA Business Protection Suite for Microsoft Small Business Server Standard Edition r2 CA Business Protection Suite for Microsoft Small Business Server Premium Edition r2

Affected Products

• Computer Associates BrightStor ARCServe Backup 11.1.0
• Computer Associates BrightStor ARCServe Backup 11.5
• Computer Associates BrightStor ARCServe Backup r12
• Computer Associates BrightStor ARCServe Backup r12.0 Windows
• Computer Associates BrightStor ARCServe Backup for Windows 11.0.0
• Computer Associates BrightStor ARCserve Backup for Windows (All) 11.1
• Computer Associates BrightStor ARCserve Backup for Windows (All) 11.5.0
• Computer Associates BrightStor Enterprise Backup 10.5.0
• Computer Associates Business Protection Suite r2
• Computer Associates Business Protection Suite for Microsoft SBS Pre ed r2
• Computer Associates Business Protection Suite for Microsoft SBS Std Ed r2
• Computer Associates Server Protection Suite r2

References

• BugTraq: 31684
• CVE: CVE-2008-4397