SecurityFocus

Request for Information on Exploit 'CA Brightstor ARCserve Backup dbasvr.exe memory corruption vulnerability' May 15 2008 12:31PM
M P Sairam (msairam intoto com) (2 replies)

Re: Request for Information on Exploit 'CA Brightstor ARCserve Backup dbasvr.exe memory corruption vulnerability' May 16 2008 03:15PM
Ravi Chunduru (ravi is chunduru gmail com)

Did you try www.milw0rm.org? I searched for 'Brightstor', I almost
got 20 results.

Ravi

On Thu, May 15, 2008 at 5:31 AM, M P Sairam <msairam (at) intoto (dot) com [email concealed]> wrote:
> Hi,
> I'm developing a tool for testing the effectiveness of IPS/IDS devices
> against various exploits. I could not find any working Poc for this
> particular vulnerability.
>
> Please help me out with any information about any working exploit for
> this vulnerability or Poc.
>
> Details:
>
> Exploit: CA Brightstor ARCserve Backup dbasvr.exe memory corruption
> vulnerability
>
> Product: CA ARCserv Backup r11.5
>
> Description:
> A remote stack overflow vulnerability exist in the RPC interface of CA
> BrightStor ARCServe BackUp. An arbitrary anonymous attacker can execute
> arbitrary code on the affected system by exploiting this vulnerability.
>
> CAN ID: 2007-5329
> <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5329>
> BID: 26015 <http://www.securityfocus.com/bid/26015>
>
> Thanks in advance,
> Sairam
>
>
>
> ************************************************************************
********
> This email message (including any attachments) is for the sole use of the
> intended recipient(s) and may contain confidential, proprietary and
> privileged information. Any unauthorized review, use, disclosure or
> distribution is prohibited. If you are not the intended recipient, please
> immediately notify the sender by reply email and destroy all copies of the
> original message. Thank you.
>
> Intoto Inc.
>
> ------------------------------------------------------------------------

> Test Your IDS
>
> Is your IDS deployed correctly?
> Find out quickly and easily by testing it with real-world attacks from CORE
> IMPACT.
> Go to
> http://www.coresecurity.com/index.php5?module=Form&action=impact&campaig
n=intro_sfw
> to learn more.
> ------------------------------------------------------------------------

>
>

------------------------------------------------------------------------

Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaig
n=intro_sfw
to learn more.
------------------------------------------------------------------------

[ reply ]

RE: Request for Information on Exploit 'CA Brightstor ARCserve Backup dbasvr.exe memory corruption vulnerability' May 15 2008 04:47PM
Chris Ralph (cralph toplayer com)