Signature Detail

APP: Computer Associates ARCServe Backup LGServer

This signature detects attempts to exploit a known vulnerability in the Computer Associates BrightStor ARCServe Backup LGServer. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the system.

Extended Description

Computer Associates BrightStor ARCServe BackUp is prone to multiple unspecified buffer-overflow vulnerabilities. The vendor has reported that these vulnerabilities allow remote attackers to execute arbitrary code with SYSTEM privileges facilitating a full compromise. Unsuccessful attacks may cause denial-of-service conditions as well. These issues affect BrightStor ARCserve Backup for laptops and desktops running Microsoft Windows.

Affected Products

• Computer Associates ARCserve Backup for Laptops and Desktops 11.0
• Computer Associates ARCserve Backup for Laptops and Desktops 11.1
• Computer Associates ARCserve Backup for Laptops and Desktops 11.1 SP1
• Computer Associates BrightStor Mobile Backup 4.0
• Computer Associates Business Protection Suite 2.0
• Computer Associates Business Protection Suite for Microsoft SBS Pre ed r2
• Computer Associates Business Protection Suite for Microsoft SBS Std Ed r2
• Computer Associates Desktop Management Suite 11.1
• Computer Associates Desktop Protection Suite 2.0

References

• BugTraq: 22340
• BugTraq: 22199
• CVE: CVE-2007-0449
• URL: http://www.securityfocus.com/archive/1/458644
• URL: http://www3.ca.com/securityadvisor/vulninfo/Vuln.aspx?ID=34993