[Full-disclosure] RE: CAID 33239 - Computer Associates BrightStor ARCserve/Enterprise Backup Agents buffer overflow vulnerability

From: Williams, James K (James.Williams_at_ca.com)
Date: 08/06/05

  • Next message: root: "Re: [Full-disclosure] Defeating Citi-Bank Virtual Keyboard Protection"
    Date: Sat, 6 Aug 2005 01:59:09 -0400
    To: <full-disclosure@lists.grok.org.uk>
    
    

    On August 02, 2005, CA released patches to address a buffer
    overflow vulnerability in some of the BrightStor ARCserve Backup
    and BrightStor Enterprise Backup for Windows application agents.

    The patch for BrightStor ARCserve Backup r11.1 Agent for SQL for
    Windows (QO70767) did not fully remediate the vulnerability.
    This patch has now been superseded. Users should apply the new
    patch immediately. If you are running BrightStor ARCserve Backup
    r11.1 Agent for SQL for Windows, please apply the updated patch
    for BrightStor ARCserve Backup for Windows (QO71010) by
    downloading it from the location listed below.

    BrightStor ARCserve Backup r11.1 for Windows (URL may wrap):
    http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO7101
    0

    References:

    CA Security Advisor site
    http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33239

    E-News: BrightStor Storage Newsletter v05.11 August 2nd, 2005
    http://supportconnectw.ca.com/public/enews/BrightStor/brig080205.asp

    Should you require additional information, please contact CA
    Technical Support at http://supportconnect.ca.com.

    Respectfully,

    Ken Williams ; Dir. Vuln Research
    Computer Associates ; 0xE2941985

    Computer Associates International, Inc. (CA).
    One Computer Associates Plaza. Islandia, NY 11749
            
    Contact Us http://ca.com/catalk.htm
    Legal Notice http://ca.com/calegal.htm
    Privacy Policy http://ca.com
    Copyright 2005 Computer Associates International, Inc.
    All rights reserved
                                                               

    > -----Original Message-----
    > From: Williams, James K
    > Sent: Tuesday, August 02, 2005 2:10 PM
    > To: 'full-disclosure@lists.grok.org.uk'
    > Subject: CAID 33239 - Computer Associates BrightStor
    > ARCserve/Enterprise Backup Agents buffer overflow vulnerability
    >
    >
    > Title: Computer Associates BrightStor ARCserve/Enterprise Backup
    > Agents buffer overflow vulnerability
    >
    > CA Vulnerability ID: 33239
    >
    > Discovery Date: 2005-04-25
    >
    > Disclosure Date: 2005-08-02
    >
    > Discovered By: iDEFENSE
    >
    > Impact: A remote attacker can execute arbitrary code with SYSTEM
    > privileges.
    >
    > Summary: Computer Associates BrightStor ARCserve Backup and
    > BrightStor Enterprise Backup Agents for Windows contain a
    > stack-based buffer overflow vulnerability. The vulnerability may
    > allow remote attackers to execute arbitrary code with SYSTEM
    > privileges, or cause a denial of service condition. The buffer
    > overflow is the result of improper bounds checking performed on
    > data sent to port 6070.
    >
    > Severity: Computer Associates has given this vulnerability a
    > High risk rating.
    >
    > Affected Technologies: This vulnerability exists in the
    > following BrightStor ARCserve Backup and BrightStor Enterprise
    > Backup application agents:
    >
    > BrightStor ARCserve Backup r11.1:
    > - BrightStor ARCserve Backup r11.1 Agent for SQL for Windows
    > - BrightStor ARCserve Backup r11.1 Agent for Oracle for Windows
    > - BrightStor ARCserve Backup r11.1 Agent for SAP R/3 for Windows
    > - BrightStor ARCserve Backup r11.1 Agent for Microsoft Exchange
    > Premium Add-on for Windows
    >
    > BrightStor ARCserve Backup r11.0:
    > - BrightStor ARCserve Backup Release 11 Agent for SQL for Windows
    > - BrightStor ARCserve Backup Release 11 Agent for Oracle for
    > Windows
    > - BrightStor ARCserve Backup Release 11 Agent for SAP R/3 for
    > Windows
    > - BrightStor ARCserve Backup Release 11 Agent for Microsoft
    > Exchange Premium Add-on for Windows
    >
    > BrightStor ARCserve Backup v9.01
    > - BrightStor ARCserve Backup Version 9 Agent for SQL for Windows
    > - BrightStor ARCserve Backup Version 9 Agent for Oracle for
    > Windows
    > - BrightStor ARCserve Backup Version 9 Agent for SAP R/3 for
    > Windows
    >
    > BrightStor Enterprise Backup 10.5
    > - BrightStor Enterprise Backup v10.5 Agent for SQL for Windows
    > - BrightStor Enterprise Backup v10.5 Agent for Oracle for
    > Windows
    > - BrightStor Enterprise Backup v10.5 Serverless Backup Agent for
    > Oracle for Windows
    > - BrightStor Enterprise Backup v10.5 Agent for Oracle for EMC
    > Timefinder for Windows
    > - BrightStor Enterprise Backup v10.5 Agent for SAP R/3 for
    > NT/2000
    >
    > BrightStor Enterprise Backup 10
    > - BrightStor Enterprise Backup Agent for SQL for Windows
    > - BrightStor Enterprise Backup Agent for Oracle for Windows
    > - BrightStor Enterprise Backup Agent for SAP R/3 for Oracle and
    > SQL on Windows
    > - BrightStor Enterprise Backup Agent for Oracle for EMC
    > Timefinder for Windows
    > - BrightStor Enterprise Backup Serverless Backup Agent for
    > Oracle for Windows
    >
    > Status: Security updates that completely remediate this
    > vulnerability issue are available for all affected products.
    >
    > Recommendation (note that URLs may wrap):
    > Apply the appropriate security update(s).
    > BrightStor ARCserve Backup r11.1 for Windows:
    > http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparn
    > o=QO70767&startsearch=1
    > BrightStor ARCserve Backup r11.0 for Windows:
    > http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparn
    > o=QO70769&startsearch=1
    > BrightStor ARCserve Backup v9.01 for Windows:
    > http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparn
    > o=QO70770&startsearch=1
    > BrightStor Enterprise Backup v10.5 for Windows:
    > http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparn
    > o=QO70774&startsearch=1
    > BrightStor Enterprise Backup v10.0 for Windows:
    > http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparn
    > o=QO70773&startsearch=1
    >
    > CVE Reference: Pending
    >
    > OSVDB Reference: Pending
    >
    > Advisory URLs (note that URLs may wrap):
    >
    > CA Security Advisor site
    > http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33239
    >
    > E-News: BrightStor Storage Newsletter v05.11 August 2nd, 2005
    > http://supportconnectw.ca.com/public/enews/BrightStor/brig080205.asp
    >
    >
    > Should you require additional information, please contact CA
    > Technical Support at http://supportconnect.ca.com.
    >
    >
    > Respectfully,
    >
    > Ken Williams ; Dir. Vuln Research
    > Computer Associates ; 0xE2941985
    >
    >
    > Computer Associates International, Inc. (CA).
    > One Computer Associates Plaza. Islandia, NY 11749
    >
    > Contact Us http://ca.com/catalk.htm
    > Legal Notice http://ca.com/calegal.htm
    > Privacy Policy http://ca.com
    > Copyright 2005 Computer Associates International, Inc.
    > All rights reserved
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.grok.org.uk/full-disclosure-charter.html
    Hosted and sponsored by Secunia - http://secunia.com/


  • Next message: root: "Re: [Full-disclosure] Defeating Citi-Bank Virtual Keyboard Protection"

    Relevant Pages