BrightStor ARCserve Message Engine opnum 0x10d buffer overflow

Added: 10/18/2007
CVE: CVE-2007-5327
BID: 26015
OSVDB: 41369

Background

CA ARCserve Bac kup (formerly BrightStor ARCserve Backup) is a backup and recovery solution. It runs a Message Engine RPC service on port 6504/TCP by default.

Problem

A buffer overflow in BrightStor ARCserve Backup allows remote attackers to execute arbitrary commands by sending a specially crafted request with opnum 0x10d to the Message Engine RPC service.

Resolution

Apply one of the patches referenced in the Security Notice.

References

http://www.securityfocus.com/archive/1/482112

Limitations

Exploit works on CA BrightStor ARCserve Backup 11.5. The target's NetBIOS name must be provided in order for the exploit to work on IPv6 targets.

Platforms

Windows

Back to exploit index