CERTA-2005-AVI-143
Vulnerability from certfr_avis - Published: 2005-04-14 - Updated: 2005-04-15
Une vulnérabilité de type débordement de mémoire dans BrightStor ARCserve Backup UniversalAgent permet l'exécution de code arbitraire à distance.
Description
BrightStor ARCserve Backup est un serveur de sauvegarde. Il utilise un agent réseau qui écoute par défaut sur le port 6050 (TCP et UDP).
Un utilisateur mal intentionné peut, par le biais d'un paquet TCP malicieusement constitué envoyé à cet agent, exécuter du code arbitraire à distance avec les droits de l'administrateur sur le serveur BrightStor ARCserve Backup.
Contournement provisoire
Filtrer le port 6050 (TCP et UDP) au niveau du pare-feu.
Solution
Appliquer le correctif de Computer Associates (cf. Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| N/A | N/A | BrightStor ARCserve Backup v9.01 ; | ||
| N/A | N/A | BrightStor ARCserve Backup Client Agent r11.1 ; | ||
| N/A | N/A | BrightStor ARCserve Backup Client Agent v9.01 ; | ||
| N/A | N/A | BrightStor ARCserve Backup v10.5 ; | ||
| N/A | N/A | BrightStor ARCserve Backup r11.0 ; | ||
| N/A | N/A | BrightStor ARCserve Backup v10.0. | ||
| N/A | N/A | BrightStor ARCserve Backup r11.1 ; |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "BrightStor ARCserve Backup v9.01 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "BrightStor ARCserve Backup Client Agent r11.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "BrightStor ARCserve Backup Client Agent v9.01 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "BrightStor ARCserve Backup v10.5 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "BrightStor ARCserve Backup r11.0 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "BrightStor ARCserve Backup v10.0.",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "BrightStor ARCserve Backup r11.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nBrightStor ARCserve Backup est un serveur de sauvegarde. Il utilise un\nagent r\u00e9seau qui \u00e9coute par d\u00e9faut sur le port 6050 (TCP et UDP).\n\nUn utilisateur mal intentionn\u00e9 peut, par le biais d\u0027un paquet TCP\nmalicieusement constitu\u00e9 envoy\u00e9 \u00e0 cet agent, ex\u00e9cuter du code arbitraire\n\u00e0 distance avec les droits de l\u0027administrateur sur le serveur BrightStor\nARCserve Backup.\n\n## Contournement provisoire\n\nFiltrer le port 6050 (TCP et UDP) au niveau du pare-feu.\n\n## Solution\n\nAppliquer le correctif de Computer Associates (cf. Documentation).\n",
"cves": [],
"initial_release_date": "2005-04-14T00:00:00",
"last_revision_date": "2005-04-15T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Computer Associates du 08 avril 2005 pour BrightStor ARCserve Backup r10.0 pour Windows :",
"url": "http://supportconnect.ca.com/sc/solcenter/soldetail.jsp?aparno=QO66523\u0026os=NT"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Computer Associates du 08 avril 2005 pour BrightStor ARCserve Backup r11.0 pour Windows 64-Bit Edition :",
"url": "http://supportconnect.ca.com/sc/solcenter/soldetail.jsp?aparno=QO66535\u0026os=NT"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Computer Associates du 08 avril 2005 pour BrightStor ARCserve Backup r10.5 pour Windows 64-Bit Edition :",
"url": "http://supportconnect.ca.com/sc/solcenter/soldetail.jsp?aparno=QO66533\u0026os=NT"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Computer Associates du 08 avril 2005 pour BrightStor ARCserve Backup r10.5 pour Windows :",
"url": "http://supportconnect.ca.com/sc/solcenter/soldetail.jsp?aparno=QO66524\u0026os=NT"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Computer Associates du 08 avril 2005 pour BrightStor ARCserve Backup r9.01 pour Windows (versions anglaises) :",
"url": "http://supportconnect.ca.com/sc/solcenter/soldetail.jsp?aparno=QO66528\u0026os=NT"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Computer Associates du 08 avril 2005 pour BrightStor ARCserve Backup r9.01 Client Agent pour Windows (versions non-anglaises) :",
"url": "http://supportconnect.ca.com/sc/solcenter/soldetail.jsp?aparno=QO66531\u0026os=NT"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Computer Associates du 08 avril 2005 pour BrightStor ARCserve Backup r11.0 pour Windows :",
"url": "http://supportconnect.ca.com/sc/solcenter/soldetail.jsp?aparno=QO66525\u0026os=NT"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Computer Associates du 08 avril 2005 pour BrightStor ARCserve Backup r9.01 pour Windows (versions non-anglaises) :",
"url": "http://supportconnect.ca.com/sc/solcenter/soldetail.jsp?aparno=QO66529\u0026os=NT"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Computer Associates du 08 avril 2005 pour BrightStor ARCserve Backup r11.1 pour Window64-Bit Edition :",
"url": "http://supportconnect.ca.com/sc/solcenter/soldetail.jsp?aparno=QO66534\u0026os=NT"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Computer Associates du 11 avril 2005 :",
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=32727"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Computer Associates du 08 avril 2005 pour BrightStor ARCserve Backup r9.01 pour Windows 64-Bit Edition :",
"url": "http://supportconnect.ca.com/sc/solcenter/soldetail.jsp?aparno=QO66536\u0026os=NT"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Computer Associates du 08 avril 2005 pour BrightStor ARCserve Backup r11.Client Agent 1 pour Windows :",
"url": "http://supportconnect.ca.com/sc/solcenter/soldetail.jsp?aparno=QO66527\u0026os=NT"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Computer Associates du 08 avril 2005 pour BrightStor ARCserve Backup r9.01 Client Agent pour Windows (versions anglaises) :",
"url": "http://supportconnect.ca.com/sc/solcenter/soldetail.jsp?aparno=QO66530\u0026os=NT"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Computer Associates du 08 avril 2005 pour BrightStor ARCserve Backup r11.1 pour Windows :",
"url": "http://supportconnect.ca.com/sc/solcenter/soldetail.jsp?aparno=QO66526\u0026os=NT"
}
],
"reference": "CERTA-2005-AVI-143",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2005-04-14T00:00:00.000000"
},
{
"description": "ajout de la r\u00e9f\u00e9rence CVE et de l\u0027avis de Computer Associates.",
"revision_date": "2005-04-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 de type d\u00e9bordement de m\u00e9moire dans BrightStor\nARCserve Backup UniversalAgent permet l\u0027ex\u00e9cution de code arbitraire \u00e0\ndistance.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans BrightStor ARCserve",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletins de s\u00e9curit\u00e9 Computer Associates du 08 avril 2005",
"url": null
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…