Signature Detail

APP: Computer Associates BrightStor ARCserve Backup Buffer Overflow

This signature detects an overly large chunk of data sent to a Computer Associates BrightStor SQL Agent. By sending a sufficiently large block of information to the agent, an attacker can execute arbitrary code on the server.

Extended Description

Computer Associates BrightStor ARCserve Backup and BrightStor Enterprise Backup Agents for Windows are affected by a remote stack-based buffer-overflow vulnerability because the application fails to perform proper bounds checking on data supplied to the application. A remote attacker may exploit this issue to execute arbitrary code on a vulnerable computer with SYSTEM privileges. A denial-of-service condition may arise as well.

Affected Products

• Computer Associates BrightStor ARCserve Backup Agent for Exchange 11.0.0
• Computer Associates BrightStor ARCserve Backup Agent for Exchange 11.1.0
• Computer Associates BrightStor ARCserve Backup Agent for Exchange 9.0.0 1
• Computer Associates BrightStor ARCserve Backup Agent for SAP R/3 11.0.0
• Computer Associates BrightStor ARCserve Backup Agent for SAP R/3 11.1.0
• Computer Associates BrightStor ARCserve Backup Agent for SAP R/3 9.0.0 1
• Computer Associates BrightStor ARCserve Backup Agent for SQL 11.0.0
• Computer Associates BrightStor ARCserve Backup Agent for SQL 11.1.0
• Computer Associates BrightStor ARCserve Backup Agent for SQL 9.0.0 .0.1
• Computer Associates BrightStor ARCserve Backup for Oracle 11.0.0
• Computer Associates BrightStor ARCserve Backup for Oracle 11.1.0
• Computer Associates BrightStor ARCserve Backup for Oracle 9.0.0 1
• Computer Associates BrightStor ARCServe Backup for Windows 11.0.0
• Computer Associates BrightStor ARCServe Backup for Windows 11.1.0
• Computer Associates BrightStor ARCServe Backup for Windows 9.0.0 .0.1
• Computer Associates BrightStor ARCServe Backup for Windows 64 bit 11.0.0
• Computer Associates BrightStor ARCServe Backup for Windows 64 bit 11.1.0
• Computer Associates BrightStor ARCServe Backup for Windows 64 bit 9.0.1
• Computer Associates BrightStor ARCserve Backup for Windows (All) 11.1
• Computer Associates BrightStor ARCserve Backup for Windows (Client) 11.1
• Computer Associates BrightStor ARCserve Backup for Windows (Eng-All) 9.01
• Computer Associates BrightStor ARCserve Backup for Windows (Eng-Cli) 9.01
• Computer Associates BrightStor ARCserve Backup for Windows (NoEng-All) 9.01
• Computer Associates BrightStor ARCserve Backup for Windows (NoEng-Cli) 9.01
• Computer Associates BrightStor Enterprise Backup 10.0.0
• Computer Associates BrightStor Enterprise Backup 10.5.0
• Computer Associates BrightStor Enterprise Backup Agent for Oracle 10.0.0
• Computer Associates BrightStor Enterprise Backup Agent for Oracle 10.5.0
• Computer Associates BrightStor Enterprise Backup Agent for SAP R/3 10.0.0
• Computer Associates BrightStor Enterprise Backup Agent for SAP R/3 10.5.0
• Computer Associates BrightStor Enterprise Backup Agent for SQL 10.0.0
• Computer Associates BrightStor Enterprise Backup Agent for SQL 10.5.0
• Computer Associates BrightStor Enterprise Backup for Windows 64 bit 10.5.0
• Computer Associates BrightStor Enterprise Backup Serverless Backup 10.0.0
• Computer Associates BrightStor Enterprise Backup Serverless Backup 10.5.0

References

• BugTraq: 14453
• CVE: CVE-2005-1272
• URL: http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33239
• URL: http://www.idefense.com/application/poi/display?id=287&type=vulnerabilities
• URL: http://www.kb.cert.org/vuls/id/279774