CA ARCserve Backup for Laptops and Desktops Authentication Bypass Vulnerability
------------------------------------------------------------------------
SUMMARY
ARCServe Backup for Laptops and Desktops
(http://www3.ca.com/solutions/Product.aspx?ID=263) is "a version of ARCServe
Backup targeted at small to medium sized businesses, with many mobile/remote
users. It provides client agents that detect network connectivity and commit
backup data when it is found". Remote exploitation of an authentication bypass
vulnerability in Computer Associates Inc.'s ARCServe Backup for Laptops and
Desktops allows attackers to execute arbitrary code with SYSTEM privileges.
DETAILS
Vulnerable Systems:
* ARCServe Backup for Laptops and Desktops version R11.1 Build 900
The vulnerability exists because the command handlers that service network
requests do not verify that the peer has authenticated before acting on a
request.
Analysis:
Exploitation of this vulnerability allows an unauthenticated attacker to
execute every command granted to the server administrator. An attacker can
add and delete users and entire organizations, and initiate restore
operations for clients that connect to the server.
Because the administrative command set includes file upload, an attacker can
also place arbitrary files on the server. This results in the execution of
arbitrary code with SYSTEM privileges.
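To make the root cause concrete, the following is an added illustrative model of a network command dispatcher, not CA's code and not the ARCserve wire protocol (the "VERB arg ..." request format, the command names, the credential values and the sample attacker requests are all constructed for this example). The vulnerable dispatcher looks up a handler by verb and invokes it without consulting the session's authentication state, so the administrative commands described above (add/delete user, upload, restore) succeed for any peer that can reach the port; the hardened dispatcher gates every non-login command on an authenticated, suitably privileged session.

```python
"""Model of an unauthenticated command dispatcher beside its hardened form.

Constructed example for illustration; the request format, command set and
credentials are assumptions, not the product's protocol.
"""
from dataclasses import dataclass, field


@dataclass
class Session:
    """Per-connection state the server should consult before dispatching."""
    peer: str
    authenticated: bool = False
    is_admin: bool = False


@dataclass
class ServerState:
    """Server-side state that the administrative commands mutate."""
    users: set = field(default_factory=lambda: {"admin"})
    uploads: dict = field(default_factory=dict)   # path -> content
    restores: list = field(default_factory=list)  # client names queued


def parse_request(line: str):
    """Split an assumed 'VERB arg1 arg2 ...' request line into verb and args."""
    parts = line.strip().split(" ", 1)
    verb = parts[0].upper()
    args = parts[1].split(" ") if len(parts) > 1 else []
    return verb, args


# Handlers: each performs an administrator-level action on the server state.
def h_login(state, session, args):
    # Constructed credential check; real code would verify against a store.
    if len(args) == 2 and args[0] == "admin" and args[1] == "S3cret!":
        session.authenticated = True
        session.is_admin = True
        return "OK"
    return "ERR bad credentials"


def h_add_user(state, session, args):
    if len(args) != 1:
        return "ERR usage"
    state.users.add(args[0])
    return "OK"


def h_del_user(state, session, args):
    if len(args) != 1:
        return "ERR usage"
    state.users.discard(args[0])
    return "OK"


def h_upload(state, session, args):
    # Attacker-controlled destination path is what turns upload into code execution.
    if len(args) != 2:
        return "ERR usage"
    state.uploads[args[0]] = args[1]
    return "OK"


def h_restore(state, session, args):
    if len(args) != 1:
        return "ERR usage"
    state.restores.append(args[0])
    return "OK"


HANDLERS = {
    "LOGIN": h_login,
    "ADD_USER": h_add_user,
    "DEL_USER": h_del_user,
    "UPLOAD": h_upload,
    "RESTORE": h_restore,
}
ADMIN_ONLY = {"ADD_USER", "DEL_USER", "UPLOAD", "RESTORE"}


def dispatch_vulnerable(state, session, line):
    """Looks up the handler and runs it; never asks whether the peer logged in."""
    verb, args = parse_request(line)
    handler = HANDLERS.get(verb)
    if handler is None:
        return "ERR unknown command"
    return handler(state, session, args)  # BUG: no authentication check


def dispatch_hardened(state, session, line):
    """Same table, but every non-LOGIN verb requires an authenticated session
    and admin-only verbs additionally require the admin role."""
    verb, args = parse_request(line)
    handler = HANDLERS.get(verb)
    if handler is None:
        return "ERR unknown command"
    if verb != "LOGIN":
        if not session.authenticated:
            return "ERR not authenticated"
        if verb in ADMIN_ONLY and not session.is_admin:
            return "ERR permission denied"
    return handler(state, session, args)


# Constructed attacker traffic: no LOGIN, straight to administrative commands.
ATTACK = [
    "ADD_USER mallory",
    "UPLOAD C:\\backup\\bin\\svc.exe MZ...",
    "RESTORE victim-laptop",
]


def run_attack(dispatch):
    """Replay the constructed attacker requests against a fresh server."""
    state = ServerState()
    session = Session(peer="203.0.113.7")
    replies = [dispatch(state, session, line) for line in ATTACK]
    return state, replies


if __name__ == "__main__":
    for name, fn in (("vulnerable", dispatch_vulnerable), ("hardened", dispatch_hardened)):
        state, replies = run_attack(fn)
        print(name, replies, sorted(state.users), list(state.uploads), state.restores)
```

The check belongs in the dispatcher, not in each handler: a single choke point is easy to audit, whereas per-handler checks are exactly what gets forgotten when a new command is added.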
Vendor response:
Computer Associates has addressed this vulnerability with an update. For
more information consult CA's security notice at:
http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp
CVE Information:
CVE-2007-5006 - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5006
Disclosure Timeline:
03/06/2007 - Initial vendor notification
03/06/2007 - Initial vendor response
09/20/2007 - Coordinated public disclosure
ADDITIONAL INFORMATION
The information has been provided by iDefense Labs Security Advisories
(idlabs-advisories@idefense.com).
The original article can be found at:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=598
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.