BrightStor ARCserve Universal Agent buffer overflow

Added: 08/07/2006
CVE: CVE-2005-1018
BID: 13102
OSVDB: 15471

Background

The BrightStor ARCserve Backup family of products includes a Universal Agent which listens for connections on port 6050/TCP.

Problem

A buffer overflow in the Universal Agent allows remote attackers to execute arbitrary commands by sending a specially crafted argument before the option field.

Resolution

Apply one of the patches referenced in the iDEFENSE advisory.

References

http://www.idefense.com/intelligence/vulnerabilities/display.php?id=232

Limitations

Exploit works on BrightStor ARCserve Backup 11.1 on Windows 2000 SP4. The vulnerable component, Universal Agent, is contained in the BrightStor ARCserve Backup Client package. Due to the nature of the vulnerability, the success of the exploit depends upon the state of the system at the time the exploit is attempted.

Platforms

Windows
