Computer Associates BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability

Computer Associates BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability

UPDATE: Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild.

cybertronic@gmx.net has provided exploit code CABrightStorSQL.c.

cybertronic@gmx.net has also provided exploit code CABrightStorSQL_exp.c.

Exploit code cabrightstor_sqlagent.pm has been released as part of the Metasploit Framework.

/data/vulnerabilities/exploits/CABrightStorSQL.c
/data/vulnerabilities/exploits/CABrightStorSQL_exp.c
/data/vulnerabilities/exploits/cabrightstor_sqlagent.pm