Check Point Advisories

Update Protection against CA ARCserve Backup for Laptops and Desktops NetBackup Arbitrary File Upload Vulnerability

Check Point Reference: CPAI-2008-132
Date Published: 9 May 2008
Severity: High
Last Updated: Wednesday 06 August, 2008
Source: Secunia Advisory: SA25606
Industry Reference:CVE-2008-1329
Protection Provided by:
Who is Vulnerable? CA ARCserve Backup for Laptops and Desktops r11.0
CA ARCserve Backup for Laptops and Desktops r11.1
CA ARCserve Backup for Laptops and Desktops r11.5
CA Desktop Management Suite 11.1
CA Desktop Management Suite 11.2
Vulnerability Description A security bypass vulnerability has been reported in CA ARCserve Backup for Laptops and Desktops. Computer Associates (CA) BrightStor ARCserve Backup for Laptops and Desktops provides backup and data recovery for remote, mobile and desktop computers. A remote attacker may exploit this vulnerability to execute arbitrary code on a vulnerable system.
Update/Patch AvaliableApply updates:
CA
Vulnerability DetailsThe vulnerability is due to an error in the NetBackup service that fails to sanitize malicious content in client requests. An attacker can exploit this issue by sending a specially crafted request to the target service. Successful exploitation of this vulnerability can allow the attacker to upload arbitrary files to controllable location on the server, enabling execution of arbitrary code.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK