Secunia Advisory: CA BrightStor ARCserve Backup RPC Server Denial of Service

by Vitaly Popovich [Published on 2 Feb. 2007 / Last Updated on 2 Feb. 2007]



Description:
M. Shirk has discovered a vulnerability in CA BrightStor ARCserve Backup, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is caused by a NULL pointer dereference when handling TADDR2UADDR (0x08) request types within the CA Remote Procedure Call Server service (CATIRPC.EXE). This can be exploited to crash the service by sending a specially crafted packet to port 111/UDP.

The vulnerability is confirmed in version r11.5 SP2. Other versions may also be affected.

Solution:
Restrict access to the service.
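
The following detection sketch is an added example, not code from Secunia or CA. It parses the ONC RPC call header of datagrams addressed to port 111/UDP, flags every TADDR2UADDR (procedure 8) call to the rpcbind program (standard program number 100000), and applies a source allowlist in the spirit of the solution above. The allowlist network, the verdict names and the sample datagrams are assumptions constructed for illustration; because the advisory does not say what distinguishes the crafted packet, every procedure 8 call is flagged.

```python
import ipaddress
import struct

RPCBIND_PROGRAM = 100000    # standard ONC RPC program number of portmapper/rpcbind
PROC_TADDR2UADDR = 8        # request type named in the advisory (0x08)
RPC_CALL, RPC_VERSION = 0, 2

# Assumption: the only network allowed to reach the backup server on 111/UDP.
ALLOWED_SOURCES = [ipaddress.ip_network("10.20.0.0/24")]

def parse_rpc_call(payload):
    """Return (xid, prog, vers, proc) for an ONC RPC call, else None."""
    if len(payload) < 24:               # fixed part of a call header is six 32-bit words
        return None
    xid, mtype, rpcvers, prog, vers, proc = struct.unpack(">6I", payload[:24])
    if mtype != RPC_CALL or rpcvers != RPC_VERSION:
        return None                     # a reply, or not RPC version 2
    return xid, prog, vers, proc

def classify(src_ip, payload):
    """Verdict for one UDP datagram sent to port 111."""
    call = parse_rpc_call(payload)
    if call is None:
        return "malformed"
    _, prog, _, proc = call
    if prog == RPCBIND_PROGRAM and proc == PROC_TADDR2UADDR:
        return "alert"                  # request type from the advisory, any source
    allowed = any(ipaddress.ip_address(src_ip) in net for net in ALLOWED_SOURCES)
    return "allow" if allowed else "block"

def _sample_call(xid, vers, proc, args):
    # Constructed test datagram: call header, AUTH_NONE credential and verifier, args.
    header = struct.pack(">6I", xid, RPC_CALL, RPC_VERSION, RPCBIND_PROGRAM, vers, proc)
    return header + struct.pack(">4I", 0, 0, 0, 0) + args

GETPORT_ARGS = struct.pack(">4I", 100003, 3, 17, 0)    # prog, vers, proto, port
NETBUF_ARGS = struct.pack(">2I", 16, 16) + bytes(16)   # well-formed netbuf argument

SAMPLES = [                                            # all constructed, not captured
    ("10.20.0.15", _sample_call(1, 2, 3, GETPORT_ARGS)),
    ("192.0.2.77", _sample_call(2, 3, PROC_TADDR2UADDR, NETBUF_ARGS)),
    ("192.0.2.77", _sample_call(3, 2, 3, GETPORT_ARGS)),
    ("10.20.0.15", b"\x00\x01"),
]

def scan(samples):
    return [classify(src, payload) for src, payload in samples]

if __name__ == "__main__":
    for (src, _), verdict in zip(SAMPLES, scan(SAMPLES)):
        print(src, verdict)
```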
