BrightStor ARCserve Message Engine RPC server buffer overflow
Added: 11/09/2006CVE: CVE-2006-5143
BID: 20365
OSVDB: 29535
Background
The BrightStor ARCserve Backup family of products includes a Message Engine which listens for connections on port 6503/TCP.Problem
A buffer overflow in the ASCORE.dll library allows remote attackers to execute arbitrary commands when a specially crafted request is processed by the Message Engine RPC server.Resolution
Apply the upgrade referenced in the Computer Associates Security Notice.References
http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0098.htmlLimitations
Exploit works on BrightStor ARCserve Backup 11.5. Due to the nature of the vulnerability, the success of this exploit may depend on the system state at the time the exploit is run.Platforms
Windows 2000 SP4Windows 2000 SP4 / Windows 2000
Windows 2000 SP3
Back to exploit index