Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
APP:CA:ARCSRV:CAMEDIASRV |
|---|---|
Severity |
Critical |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
CA BrightStor ARCserve Backup Mediasrv.exe RPC Request Code Execution (CVE-2007-17850) |
Release Date |
2008/11/05 |
Update Number |
1306 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
APP: CA BrightStor ARCserve Backup Mediasrv.exe RPC Request Code Execution (CVE-2007-17850)
This signature detects attempts to exploit a known vulnerability against CA Brightstor ARCserve Backup. A successful attack allows attackers to execute remote code in the context of the administrator.
Extended Description
The RPC service in mediasvr.exe in CA BrightStor ARCserve Backup 11.5 SP2 build 4237 allows remote attackers to execute arbitrary code via crafted xdr_handle_t data in RPC packets, which is used in calculating an address for a function call, as demonstrated using the 191 (0xbf) RPC request.
Affected Products
- Ca brightstor_arcserve_backup 11
- Ca brightstor_arcserve_backup 11.1
- Ca brightstor_arcserve_backup 11.5
- Ca brightstor_arcserve_backup 9.01
References
- BugTraq: 23209
- CVE: CVE-2007-1785