Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
APP:CA:ARCSRV:MAILSLOT-OF |
|---|---|
Severity |
Minor |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Computer Associates ARCserve Mailslot Overflow |
Release Date |
2011/03/11 |
Update Number |
1881 |
Supported Platforms |
idp-4.1.110110609+, isg-3.4.139899+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
APP: Computer Associates ARCserve Mailslot Overflow
This signature detects attempts to exploit a known vulnerability in the Computer Associates Products Discovery Service. An unauthenticated remote attacker can use this vulnerability to remotely inject and execute code on the system with System level privileges.
Extended Description
Multiple Computer Associates products are prone to a remote stack-based buffer-overflow vulnerability. This issue arises because these applications fail to perform boundary checks before copying user-supplied data into insufficiently sized buffers. A successful attack may result in arbitrary code execution with the privileges of the affected application. This issue affects client and server versions of the affected products.
Affected Products
- Computer_associates brightstor_arcserve_backup 11.1.0
- Computer_associates brightstor_arcserve_backup 11.5.0
- Computer_associates brightstor_arcserve_backup 9.01
- Computer_associates brightstor_arcserve_backup_for_windows 11.0.0
- Computer_associates brightstor_enterprise_backup 10.5.0
- Computer_associates business_protection_suite r2
- Computer_associates business_protection_suite_for_microsoft_sbs_pre_ed r2
- Computer_associates business_protection_suite_for_microsoft_sbs_std_ed r2
- Computer_associates server_protection_suite r2
References
- BugTraq: 20364
- CVE: CVE-2006-5142