BrightStor ARCserve Backup LGServer directory traversal

Added: 02/15/2008
CVE: CVE-2007-5005
BID: 24348
OSVDB: 41350

Background

BrightStor ARCserve Backup for Laptops and Desktops is an automated backup solution optimized for low-bandwidth, intermittent network connections.

Problem

A directory traversal vulnerability in the rxrReceiveFileFromServer function of rxRPC.dll allows remote attackers to overwrite arbitrary files, leading to command execution.

Resolution

Apply the appropriate update referenced in the Security Notice.

References

http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35676
http://secunia.com/advisories/25606

Limitations

The exploit overwrites the file licreg.dll, which will affect any functions that use this DLL. The DLL would need to be restored, possibly by re-installing the software, in order to restore functionality. For this reason, this exploit does not run during automated penetration tests.

Exploit works on ARCserve Backup for Laptops and Desktops 11.1.

Exploit requires the String-CRC32 Perl module, which is available from www.cpan.org.

Platforms

Windows
