Signature Detail

APP: Computer Associates BrightStor ARCserve Backup caloggerd.exe Null Hostname Denial of Service

This signature detects attempts to exploit a known vulnerability in CA BrightStor ARCserve Backup caloggerd process. An attacker can send a specially crafted RPC request, to exploit a Null dereference issue and create a denial-of-service condition on the affected process.

Extended Description

Computer Associates BrightStor ARCserve Backup is prone to multiple denial-of-service vulnerabilities due to memory-corruption issues caused by errors in processing arguments passed to RPC procedures. A remote attacker may exploit these issues to crash the affected services, resulting in denial-of-service conditions. The following applications are affected: BrightStor ARCserve Backup v9.01, r11.1, r11.5, r11 for Windows BrightStor Enterprise Backup r10.5 CA Server Protection Suite r2, CA Business Protection Suite r2 CA Business Protection Suite for Microsoft Small Business Server Standard Edition r2 CA Business Protection Suite for Microsoft Small Business Server Premium Edition r2

Affected Products

• Computer_associates brightstor_arcserve_backup 11.1.0
• Computer_associates brightstor_arcserve_backup 11.5
• Computer_associates brightstor_arcserve_backup 11.5.2 SP2
• Computer_associates brightstor_arcserve_backup 9.01
• Computer_associates brightstor_arcserve_backup_for_windows 11.0.0
• Computer_associates brightstor_enterprise_backup 10.5.0
• Computer_associates business_protection_suite r2
• Computer_associates business_protection_suite_for_microsoft_sbs_pre_ed r2
• Computer_associates business_protection_suite_for_microsoft_sbs_std_ed r2
• Computer_associates server_protection_suite r2

References

• BugTraq: 24017
• CVE: CVE-2007-2772
• URL: http://securitytracker.com/alerts/2007/May/1018076.html
• URL: http://www.milw0rm.com/exploits/3939