Signature Detail

APP: CA ARCserve Backup Tape Engine Denial of Service

This signature detects attempts to exploit a known vulnerability in CA BrightStor ARCserve Backup Tape Engine service. A successful attack can result in a denial-of-service condition.

Extended Description

Computer Associates ARCserve Backup is prone to multiple remote vulnerabilities. Successful exploits allow remote attackers to cause denial-of-service conditions or to execute arbitrary commands in the context of the affected application. This may result in a complete compromise of affected computers. The following applications are affected: CA BrightStor ARCserve Backup r11.1, r11.5, r12.0 for Windows CA Server Protection Suite r2 CA Business Protection Suite r2 CA Business Protection Suite for Microsoft Small Business Server Standard Edition r2 CA Business Protection Suite for Microsoft Small Business Server Premium Edition r2

Affected Products

• Computer_associates brightstor_arcserve_backup 11.1.0
• Computer_associates brightstor_arcserve_backup 11.5
• Computer_associates brightstor_arcserve_backup r12
• Computer_associates brightstor_arcserve_backup r12.0 Windows
• Computer_associates brightstor_arcserve_backup_for_windows 11.0.0
• Computer_associates brightstor_arcserve_backup_for_windows_(all) 11.1
• Computer_associates brightstor_arcserve_backup_for_windows_(all) 11.5.0
• Computer_associates brightstor_enterprise_backup 10.5.0
• Computer_associates business_protection_suite r2
• Computer_associates business_protection_suite_for_microsoft_sbs_pre_ed r2
• Computer_associates business_protection_suite_for_microsoft_sbs_std_ed r2
• Computer_associates server_protection_suite r2

References

• BugTraq: 31684
• CVE: CVE-2008-4398
• CVE: CVE-2008-4399