
SecPod ID: 10087
Status: Public Report
CA ARCserve Backup LDBserver RPC "handle_t" Argument
Severity: Medium
Vulnerability Release Date: 12-12-2008
CVSS Base Score: 10.0 (AV:N/AC:L/Au:NR/C:C/I:C/A:C)
CVSS Temporal Score = 7.4
Impact Level: Application
Affected Software/OS/Device:
- CA ARCserve Backup r12.0 Windows
- CA ARCserve Backup r11.5 Windows
- CA ARCserve Backup r11.1 Windows
- CA Server Protection Suite r2
- CA Business Protection Suite r2
- CA Business Protection Suite for Microsoft Small Business Server Standard Edition r2
- CA Business Protection Suite for Microsoft Small Business Server Premium Edition r2
OpenVAS Plugin ID:
Snort Signature ID:
OVAL ID:
Vulnerability Insight:
Overview:
CA ARCserve Backup LDBserver is prone to an RPC argument vulnerability.
Description:
This flaw is due to insufficient verification of 'handle_t' arguments
passed to RPC. Passing object pointers to procedures that expect different
types can result in arbitrary code execution.
Impact:
Successful exploitation lets an attacker execute arbitrary code in the
context of the application and can compromise the system as well.
CVSS Score Report:
ACCESS_VECTOR = NETWORK
ACCESS_COMPLEXITY = LOW
AUTHENTICATION = NOT_REQUIRED
CONFIDENTIALITY_IMPACT = COMPLETE
INTEGRITY_IMPACT = COMPLETE
AVAILABILITY_IMPACT = COMPLETE
EXPLOITABILITY = UNPROVEN
REMEDIATION_LEVEL = OFFICIAL_FIX
REPORT_CONFIDENCE = CONFIRMED
CVSS Base Score = 10.0 (AV:N/AC:L/Au:NR/C:C/I:C/A:C)
CVSS Temporal Score = 7.4
Risk factor = High
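The base and temporal scores in the report above follow from the listed metric values through the CVSS v2 equations. The Python below is an added example, not part of the SecPod advisory: it parses the report's "METRIC = VALUE" lines and recomputes both scores. The weights are the CVSS v2 constants; value names that do not appear in the report (for example ADJACENT_NETWORK) are assumed spellings.

```python
from decimal import Decimal, ROUND_HALF_UP

# CVSS v2 weights keyed by the value names the report uses; names not
# present in the report (e.g. ADJACENT_NETWORK) are assumed spellings.
IMPACT = {"NONE": "0.0", "PARTIAL": "0.275", "COMPLETE": "0.660"}
WEIGHTS = {
    "ACCESS_VECTOR": {"LOCAL": "0.395", "ADJACENT_NETWORK": "0.646", "NETWORK": "1.0"},
    "ACCESS_COMPLEXITY": {"HIGH": "0.35", "MEDIUM": "0.61", "LOW": "0.71"},
    "AUTHENTICATION": {"MULTIPLE": "0.45", "SINGLE": "0.56", "NOT_REQUIRED": "0.704"},
    "EXPLOITABILITY": {"UNPROVEN": "0.85", "PROOF_OF_CONCEPT": "0.9", "FUNCTIONAL": "0.95", "HIGH": "1.0"},
    "REMEDIATION_LEVEL": {"OFFICIAL_FIX": "0.87", "TEMPORARY_FIX": "0.90", "WORKAROUND": "0.95", "UNAVAILABLE": "1.0"},
    "REPORT_CONFIDENCE": {"UNCONFIRMED": "0.90", "UNCORROBORATED": "0.95", "CONFIRMED": "1.0"},
    **dict.fromkeys(("CONFIDENTIALITY_IMPACT", "INTEGRITY_IMPACT", "AVAILABILITY_IMPACT"), IMPACT),
}
# Constructed input: the metric lines copied from the report above.
REPORT = """\
ACCESS_VECTOR = NETWORK
ACCESS_COMPLEXITY = LOW
AUTHENTICATION = NOT_REQUIRED
CONFIDENTIALITY_IMPACT = COMPLETE
INTEGRITY_IMPACT = COMPLETE
AVAILABILITY_IMPACT = COMPLETE
EXPLOITABILITY = UNPROVEN
REMEDIATION_LEVEL = OFFICIAL_FIX
REPORT_CONFIDENCE = CONFIRMED
"""

def parse_report(text):
    """Map each 'METRIC = VALUE' line to its weight; reject unknown or missing metrics."""
    found = {}
    for line in text.splitlines():
        name, sep, value = (part.strip() for part in line.partition("="))
        if sep and name in WEIGHTS:
            if value not in WEIGHTS[name]:
                raise ValueError(f"unknown value {value!r} for {name}")
            found[name] = Decimal(WEIGHTS[name][value])
    missing = sorted(set(WEIGHTS) - set(found))
    if missing:
        raise ValueError("missing metrics: " + ", ".join(missing))
    return found

def scores(m):
    """Return (base, temporal) per the CVSS v2 equations, rounded to one decimal."""
    r1 = lambda x: x.quantize(Decimal("0.1"), rounding=ROUND_HALF_UP)
    impact = Decimal("10.41") * (1 - (1 - m["CONFIDENTIALITY_IMPACT"])
                                 * (1 - m["INTEGRITY_IMPACT"]) * (1 - m["AVAILABILITY_IMPACT"]))
    exploitability = 20 * m["ACCESS_VECTOR"] * m["ACCESS_COMPLEXITY"] * m["AUTHENTICATION"]
    f_impact = Decimal("1.176") if impact else Decimal(0)  # f(Impact) is 0 when Impact is 0
    base = r1((Decimal("0.6") * impact + Decimal("0.4") * exploitability - Decimal("1.5")) * f_impact)
    temporal = r1(base * m["EXPLOITABILITY"] * m["REMEDIATION_LEVEL"] * m["REPORT_CONFIDENCE"])
    return base, temporal
```

Decimal arithmetic with half-up rounding is used because the temporal product here is exactly 7.395, which binary floating point can round the wrong way.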
Fix:
Apply the security patches:
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=194293
References:
http://www.securityfocus.com/bid/32764