Hi,
I'm developing a tool for testing the effectiveness of IPS/IDS
devices against various exploits. I could not find any working Poc for
this particular vulnerability.
Please help me out with any information about any working exploit
for this vulnerability or Poc.
Details:
Exploit: CA Brightstor ARCserve Backup dbasvr.exe memory corruption
vulnerability
Product: CA ARCserv Backup r11.5
Description:
A remote stack overflow vulnerability exist in the RPC interface of CA BrightStor ARCServe BackUp. An arbitrary anonymous attacker can execute arbitrary code on the affected system by exploiting this vulnerability.
CAN ID: 2007-5329
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5329>
BID: 26015 <http://www.securityfocus.com/bid/26015>
Thanks in advance,
Sairam
************************************************************************
********
This email message (including any attachments) is for the sole use of the intended recipient(s)
and may contain confidential, proprietary and privileged information. Any unauthorized review,
use, disclosure or distribution is prohibited. If you are not the intended recipient,
please immediately notify the sender by reply email and destroy all copies of the original message.
Thank you.
I'm developing a tool for testing the effectiveness of IPS/IDS
devices against various exploits. I could not find any working Poc for
this particular vulnerability.
Please help me out with any information about any working exploit
for this vulnerability or Poc.
Details:
Exploit: CA Brightstor ARCserve Backup dbasvr.exe memory corruption
vulnerability
Product: CA ARCserv Backup r11.5
Description:
A remote stack overflow vulnerability exist in the RPC interface of CA BrightStor ARCServe BackUp. An arbitrary anonymous attacker can execute arbitrary code on the affected system by exploiting this vulnerability.
CAN ID: 2007-5329
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5329>
BID: 26015 <http://www.securityfocus.com/bid/26015>
Thanks in advance,
Sairam
************************************************************************
********
This email message (including any attachments) is for the sole use of the intended recipient(s)
and may contain confidential, proprietary and privileged information. Any unauthorized review,
use, disclosure or distribution is prohibited. If you are not the intended recipient,
please immediately notify the sender by reply email and destroy all copies of the original message.
Thank you.
Intoto Inc.
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Top 5 Common Mistakes
in Securing Web Applications
Find out now! Get Webinar Recording and PPT Slides
www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------
[ reply ]