CERTA-2005-AVI-143
Vulnerability from certfr_avis
Une vulnérabilité de type débordement de mémoire dans BrightStor ARCserve Backup UniversalAgent permet l'exécution de code arbitraire à distance.
Description
BrightStor ARCserve Backup est un serveur de sauvegarde. Il utilise un agent réseau qui écoute par défaut sur le port 6050 (TCP et UDP).
Un utilisateur mal intentionné peut, par le biais d'un paquet TCP malicieusement constitué envoyé à cet agent, exécuter du code arbitraire à distance avec les droits de l'administrateur sur le serveur BrightStor ARCserve Backup.
Contournement provisoire
Filtrer le port 6050 (TCP et UDP) au niveau du pare-feu.
Solution
Appliquer le correctif de Computer Associates (cf. Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| N/A | N/A | BrightStor ARCserve Backup v9.01 ; | ||
| N/A | N/A | BrightStor ARCserve Backup Client Agent r11.1 ; | ||
| N/A | N/A | BrightStor ARCserve Backup Client Agent v9.01 ; | ||
| N/A | N/A | BrightStor ARCserve Backup v10.5 ; | ||
| N/A | N/A | BrightStor ARCserve Backup r11.0 ; | ||
| N/A | N/A | BrightStor ARCserve Backup v10.0. | ||
| N/A | N/A | BrightStor ARCserve Backup r11.1 ; |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "BrightStor ARCserve Backup v9.01 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "BrightStor ARCserve Backup Client Agent r11.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "BrightStor ARCserve Backup Client Agent v9.01 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "BrightStor ARCserve Backup v10.5 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "BrightStor ARCserve Backup r11.0 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "BrightStor ARCserve Backup v10.0.",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "BrightStor ARCserve Backup r11.1 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nBrightStor ARCserve Backup est un serveur de sauvegarde. Il utilise un\nagent r\u00e9seau qui \u00e9coute par d\u00e9faut sur le port 6050 (TCP et UDP).\n\nUn utilisateur mal intentionn\u00e9 peut, par le biais d\u0027un paquet TCP\nmalicieusement constitu\u00e9 envoy\u00e9 \u00e0 cet agent, ex\u00e9cuter du code arbitraire\n\u00e0 distance avec les droits de l\u0027administrateur sur le serveur BrightStor\nARCserve Backup.\n\n## Contournement provisoire\n\nFiltrer le port 6050 (TCP et UDP) au niveau du pare-feu.\n\n## Solution\n\nAppliquer le correctif de Computer Associates (cf. Documentation).\n",
"cves": [],
"initial_release_date": "2005-04-14T00:00:00",
"last_revision_date": "2005-04-15T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Computer Associates du 08 avril 2005 pour BrightStor ARCserve Backup r10.0 pour Windows :",
"url": "http://supportconnect.ca.com/sc/solcenter/soldetail.jsp?aparno=QO66523\u0026os=NT"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Computer Associates du 08 avril 2005 pour BrightStor ARCserve Backup r11.0 pour Windows 64-Bit Edition :",
"url": "http://supportconnect.ca.com/sc/solcenter/soldetail.jsp?aparno=QO66535\u0026os=NT"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Computer Associates du 08 avril 2005 pour BrightStor ARCserve Backup r10.5 pour Windows 64-Bit Edition :",
"url": "http://supportconnect.ca.com/sc/solcenter/soldetail.jsp?aparno=QO66533\u0026os=NT"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Computer Associates du 08 avril 2005 pour BrightStor ARCserve Backup r10.5 pour Windows :",
"url": "http://supportconnect.ca.com/sc/solcenter/soldetail.jsp?aparno=QO66524\u0026os=NT"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Computer Associates du 08 avril 2005 pour BrightStor ARCserve Backup r9.01 pour Windows (versions anglaises) :",
"url": "http://supportconnect.ca.com/sc/solcenter/soldetail.jsp?aparno=QO66528\u0026os=NT"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Computer Associates du 08 avril 2005 pour BrightStor ARCserve Backup r9.01 Client Agent pour Windows (versions non-anglaises) :",
"url": "http://supportconnect.ca.com/sc/solcenter/soldetail.jsp?aparno=QO66531\u0026os=NT"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Computer Associates du 08 avril 2005 pour BrightStor ARCserve Backup r11.0 pour Windows :",
"url": "http://supportconnect.ca.com/sc/solcenter/soldetail.jsp?aparno=QO66525\u0026os=NT"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Computer Associates du 08 avril 2005 pour BrightStor ARCserve Backup r9.01 pour Windows (versions non-anglaises) :",
"url": "http://supportconnect.ca.com/sc/solcenter/soldetail.jsp?aparno=QO66529\u0026os=NT"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Computer Associates du 08 avril 2005 pour BrightStor ARCserve Backup r11.1 pour Window64-Bit Edition :",
"url": "http://supportconnect.ca.com/sc/solcenter/soldetail.jsp?aparno=QO66534\u0026os=NT"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Computer Associates du 11 avril 2005 :",
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=32727"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Computer Associates du 08 avril 2005 pour BrightStor ARCserve Backup r9.01 pour Windows 64-Bit Edition :",
"url": "http://supportconnect.ca.com/sc/solcenter/soldetail.jsp?aparno=QO66536\u0026os=NT"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Computer Associates du 08 avril 2005 pour BrightStor ARCserve Backup r11.Client Agent 1 pour Windows :",
"url": "http://supportconnect.ca.com/sc/solcenter/soldetail.jsp?aparno=QO66527\u0026os=NT"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Computer Associates du 08 avril 2005 pour BrightStor ARCserve Backup r9.01 Client Agent pour Windows (versions anglaises) :",
"url": "http://supportconnect.ca.com/sc/solcenter/soldetail.jsp?aparno=QO66530\u0026os=NT"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Computer Associates du 08 avril 2005 pour BrightStor ARCserve Backup r11.1 pour Windows :",
"url": "http://supportconnect.ca.com/sc/solcenter/soldetail.jsp?aparno=QO66526\u0026os=NT"
}
],
"reference": "CERTA-2005-AVI-143",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2005-04-14T00:00:00.000000"
},
{
"description": "ajout de la r\u00e9f\u00e9rence CVE et de l\u0027avis de Computer Associates.",
"revision_date": "2005-04-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 de type d\u00e9bordement de m\u00e9moire dans BrightStor\nARCserve Backup UniversalAgent permet l\u0027ex\u00e9cution de code arbitraire \u00e0\ndistance.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans BrightStor ARCserve",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletins de s\u00e9curit\u00e9 Computer Associates du 08 avril 2005",
"url": null
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…