Computer Associates ARCserve Backup Remote Code Execution and Denial of Service Vulnerabilities

Computer Associates ARCserve Backup is prone to a remote code-execution vulnerability and a denial-of-service vulnerability.

Successfully exploiting these issues allow a remote attacker to execute arbitrary code with SYSTEM privileges or cause denial-of-service conditions, resulting in a complete compromise of the affected computer; other attacks are also possible.

The following products are vulnerable:

ARCserve Backup for Windows r12.5
ARCserve Backup for Windows r15
ARCserve Backup for Windows r16
ARCserve Backup for Windows r16 SP1


 

Privacy Statement
Copyright 2010, SecurityFocus