Signature Detail

APP: CA Multiple Products DBASVR RPC Server Pointer Buffer Overflow

There exists a buffer overflow vulnerability in multiple CA products. The problem specifically exists within DBASVR.exe, the Backup Agent RPC Server. The vulnerability is due to failing to bound check user supplied data in certain RPC requests. A remote unauthenticated attacker can exploit this vulnerability by sending a specially crafted RPC request to the affected interface. Successful exploitation would may lead to arbitrary code injection and execution with the privileges of the server process, typically System. An attack targeting this vulnerability can result in the injection and execution of code. If code execution is successful, the behaviour of the target will depend on the intention of the attacker. Any code injected will be executed with SYSTEM privileges on the targeted host. In the case of an unsuccessful code execution attack, CA DBASVR RPC Server will be terminated.

References

• BugTraq: 26015
• CVE: CVE-2007-5329