[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-disclosure] Assurent VR - CA ARCserve Backup DB Engine Denial of Service
- To: full-disclosure@xxxxxxxxxxxxxxxxx;bugtraq@xxxxxxxxxxxxxxxxx;
- Subject: [Full-disclosure] Assurent VR - CA ARCserve Backup DB Engine Denial of Service
- From: VR-Subscription-noreply@xxxxxxxxxxxx
- Date: Thu, 9 Oct 2008 15:50:12 -0400 (EDT)
CA ARCserve Backup DB Engine Denial of Service
Assurent ID: FSC20081009-12
1. Affected Software
CA ARCserve Backup 11.1 Windows
CA ARCserve Backup 11.5 Windows
CA ARCserve Backup 12.0 Windows
Reference: http://www.ca.com/us/data-loss-prevention.aspx
2. Vulnerability Summary
A vulnerability has been discovered in the DB Engine component of CA ARCserve
Backup. Insufficient input validation when processing remote procedure call
(RPC) requests is the cause of this vulnerability.
3. Vulnerability Analysis
A remote unauthenticated attacker can exploit this vulnerability by sending a
crafted message to the target server on TCP port 6504. A successful attack
could cause a denial of service condition for the DB Engine.
4. Vulnerability Detection
Assurent has confirmed the vulnerability in:
CA ARCserve Backup 11.1 Windows
CA ARCserve Backup 11.5 Windows
CA ARCserve Backup 12.0 Windows
5. Workaround
Apply the vendor patch or block communication from untrusted networks to TCP
port 6504.
6. Vendor Response
CA has released a bulletin addressing this vulnerability.
Reference:
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143
7. Disclosure Timeline
2008-05-29 Reported to vendor
2008-05-29 Initial vendor response
2008-10-09 Coordinated public disclosure
8. Credits
Vulnerability Research Team, Assurent Secure Technologies, a TELUS company
9. References
CVE: CVE-2008-4399
Vendor: 188143
10. About Assurent VRS
Assurent's Vulnerability Research Service (VRS) for security product vendors,
and Threat Protection Programs (TPP) for MSPs and enterprise security teams,
help to eliminate the significant costs incurred by security product vendors,
MSPs, and enterprise security teams in responding to and managing critical new
security vulnerabilities and other threats including worm & virus outbreaks and
other malware. The VRS and TPP services are real-time feeds providing
subscribers with detailed analysis of the top security vulnerabilities, focused
on the specific needs of each group of customers.
http://www.assurent.com/index.php?id=17
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/