|
Focus on IDS
Request for Information on Exploit 'CA Brightstor ARCserve Backup dbasvr.exe memory corruption vulnerability' May 15 2008 12:31PM M P Sairam (msairam intoto com) (2 replies) Re: Request for Information on Exploit 'CA Brightstor ARCserve Backup dbasvr.exe memory corruption vulnerability' May 16 2008 03:15PM Ravi Chunduru (ravi is chunduru gmail com) |
|
 Privacy Statement |
Have you look at Traffic IQ Pro from Karalon (www.karalon.com) It has a number of CA Brightstor exploits in its library and is designed specifically to validate inline devices such as an IPS.
Regards
Chris
-----Original Message-----
From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] On Behalf Of M P Sairam
Sent: 15 May 2008 13:31
To: focus-ids (at) securityfocus (dot) com [email concealed]
Subject: Request for Information on Exploit 'CA Brightstor ARCserve Backup dbasvr.exe memory corruption vulnerability'
Hi,
I'm developing a tool for testing the effectiveness of IPS/IDS
devices against various exploits. I could not find any working Poc for
this particular vulnerability.
Please help me out with any information about any working exploit
for this vulnerability or Poc.
Details:
Exploit: CA Brightstor ARCserve Backup dbasvr.exe memory corruption
vulnerability
Product: CA ARCserv Backup r11.5
Description:
A remote stack overflow vulnerability exist in the RPC interface of CA BrightStor ARCServe BackUp. An arbitrary anonymous attacker can execute arbitrary code on the affected system by exploiting this vulnerability.
CAN ID: 2007-5329
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5329>
BID: 26015 <http://www.securityfocus.com/bid/26015>
Thanks in advance,
Sairam
************************************************************************
********
This email message (including any attachments) is for the sole use of the intended recipient(s)
and may contain confidential, proprietary and privileged information. Any unauthorized review,
use, disclosure or distribution is prohibited. If you are not the intended recipient,
please immediately notify the sender by reply email and destroy all copies of the original message.
Thank you.
Intoto Inc.
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaig
n=intro_sfw
to learn more.
------------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: 9.8.2 (Build 3005)
iQEVAwUBSCxpPFUWvHAJ170+AQreoQf/XzOhJ2BFAoE5R9OnEBHi6ndPbdV7lxbS
zWlr/6WeDX+VAnIwp1FinUBxAKUfs0rpliaD6q077B08iVlY3SODiXZSzsDF22pz
2dka9lJ0Mo5TtprcMfvhqs2CDG1164I0e1RjIwUOq2GvX21anFn/YfOdZYnU0Dwa
wJD95dm7uxCM0x/tD1efyJzDn20nemR06NjahrssnBzrsjiD0/Vr+e2jF1pNlIyf
5HsfGemybdEvp4l08OSOtpE7BktfVK8X/wJDQcvgrWTsShjYzP1V0PMsAtXgcEY2
4slj13wKuArbm5ntaCYgwegztPKAXomfoJg5C+s7sy072AtQCppvCQ==
=zqmN
-----END PGP SIGNATURE-----
[ reply ]