BrightStor ARCserve Media Server SUN RPC buffer overflow
Added: 05/03/2007CVE: CVE-2007-2139
BID: 23635
OSVDB: 34127
Background
CA ARCserve Backup (formerly BrightStor ARCserve Backup) is a backup and recovery solution. ARCserve Media Server is a component which comes with ARCserve Backup.Problem
ARCserve Media Server is affected by multiple buffer overflow vulnerabilities which allow remote attackers to execute arbitrary commands by sending specially crafted requests to the SUN RPC service.Resolution
Apply one of the patches referenced in the CA Security Notice.References
http://www.kb.cert.org/vuls/id/979825http://www.zerodayinitiative.com/advisories/ZDI-07-022.html
Limitations
Exploit works on BrightStor ARCserve Backup r11.5 SP2.Platforms
Windows 2000Windows Server 2003
Back to exploit index