Overview
The Computer Associates BrightStor ARCserve Backup Discovery Service contains a buffer overflow, which may allow a remote attacker to execute arbitrary code.
Description
Computer Associates BrightStor ARCserve Backup is a cross-platform backup and recovery application. The ARCserve Backup Discovery Service fails to properly check incoming network traffic on 41523/tcp, creating a buffer overflow vulnerability. Exploit code for this vulnerability is publicly available. |
Impact
A remote, unauthenticated attacker may be able to execute arbitrary code on a system running the vulnerable software. |
Solution
Upgrade or patch |
|
Vendor Information
CVSS Metrics
Group | Score | Vector |
---|---|---|
Base | ||
Temporal | ||
Environmental |
References
Acknowledgements
This vulnerability was publicly reported by cybertronic
This document was written by Will Dormann.
Other Information
CVE IDs: | None |
Severity Metric: | 39.38 |
Date Public: | 2005-02-11 |
Date First Published: | 2005-08-04 |
Date Last Updated: | 2005-08-11 19:08 UTC |
Document Revision: | 17 |