BrightStor ARCserve Backup discovery service buffer overflow

Added: 04/19/2006
CVE: CVE-2005-2535
BID: 12536
OSVDB: 13814

Background

The BrightStor ARCserve Backup server includes a discovery service which listens on ports 41523/TCP and 41524/UDP.

Problem

A buffer overflow in the discovery service allows remote attackers to execute arbitrary commands.

Resolution

Apply the patch which is available from Computer Associates.

References

http://www.kb.cert.org/vuls/id/966880

Platforms

Windows

Back to exploit index