Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 APP:CA:ARCSRV:METHD-EXPOSURE

Severity

 High

Recommended

 Yes

Recommended Action

 Drop

Category

 APP

Keywords

 Computer Associates BrightStor ARCserve Backup Remote Code Execution

Release Date

 2015/06/14

Update Number

 2506

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vsrx-12.1+

APP: Computer Associates BrightStor ARCserve Backup Remote Code Execution


This signature detects attempts to exploit a known vulnerability against CA. A successful exploit can lead to remote code execution.

Extended Description

The Message Engine RPC service in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows attackers to execute arbitrary code by using certain "insecure method calls" to modify the file system and registry, aka "Privileged function exposure."

Affected Products

  • ca brightstor_arcserve_backup 10.5
  • ca brightstor_arcserve_backup 11
  • ca brightstor_arcserve_backup 11.1
  • ca brightstor_arcserve_backup 11.5
  • ca brightstor_arcserve_backup 9.01
  • ca brightstor_enterprise_backup 10.5

References

  • BugTraq: 26015
  • CVE: CVE-2007-5328

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out