Signature Detail

APP: Computer Associates Products Discovery Service Buffer Overflow

This signature detects attempts to exploit a known vulnerability in the Computer Associates Products Discovery Service. An unauthenticated remote attacker can use this vulnerability to remotely inject and execute code on the system with System level privileges.

Extended Description

Multiple Computer Associates products are prone to a remote stack-based buffer-overflow vulnerability. This issue arises because these applications fail to perform boundary checks before copying user-supplied data into insufficiently sized buffers. A successful attack may result in arbitrary code execution with the privileges of the affected application. This issue affects client and server versions of the affected products.

Affected Products

• Computer Associates BrightStor ARCServe Backup 11.1.0
• Computer Associates BrightStor ARCServe Backup 11.5.0
• Computer Associates BrightStor ARCServe Backup 9.01
• Computer Associates BrightStor ARCServe Backup for Windows 11.0.0
• Computer Associates BrightStor Enterprise Backup 10.5.0
• Computer Associates Business Protection Suite r2
• Computer Associates Business Protection Suite for Microsoft SBS Pre ed r2
• Computer Associates Business Protection Suite for Microsoft SBS Std Ed r2
• Computer Associates Server Protection Suite r2

References

• BugTraq: 20364
• CVE: CVE-2006-5143
• CVE: CVE-2006-6379
• URL: http://www.livesploit.com/advisories/LS-20060220.pdf
• URL: http://supportconnectw.ca.com/public/storage/infodocs/basbr-secnotice.asp