CA BrightStor ARCserve/Enterprise Discovery Service SERVICEPC Remote Buffer Overflow Vulnerability

Published: 2005-02-09
Updated: 2005-02-21

Affected systems:
Computer Associates BrightStor ARCserve Backup v11 (Win32)
Description:
BUGTRAQ  ID: 12536
CVE(CAN) ID: CVE-2005-2535

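Computer Associates BrightStor ARCserve/Enterprise is a multi-platform backup and recovery protection system.

A buffer overflow exists in the discovery service of Computer Associates BrightStor ARCserve Backup. A remote attacker can exploit it to carry out a buffer overflow attack and may execute arbitrary instructions on the system with the privileges of the process.

When handling requests, the ARCserve Backup software blindly copies data received from the network; a remote attacker can trigger the overflow by sending overly long data.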

<*Source: cybertronic (cybertronic@gmx.net)
  
  Link: http://archives.neohapsis.com/archives/bugtraq/2005-02/0123.html
*>

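Recommendations:
Temporary workaround:

If you cannot install the patch or upgrade immediately, NSFOCUS recommends the following measure to reduce the risk:

* Deploy a firewall, access control lists, or other TCP/UDP restriction mechanisms to limit access to port TCP/41523 from untrusted networks.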
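
One way to confirm that this restriction is actually in effect is to audit firewall flow records for permitted connections to TCP/41523 from sources outside the trusted networks. The script below is an added example, not part of the original advisory; the record format, the trusted networks and every address in the sample are constructed assumptions.

```python
import ipaddress

DISCOVERY_PORT = 41523  # TCP port named in the advisory's workaround

# Assumption: source networks allowed to reach the backup servers (constructed).
TRUSTED_NETS = [ipaddress.ip_network(n) for n in ("10.20.0.0/24", "192.0.2.16/28")]

# Constructed sample records, one per line: src dst proto dst_port action
SAMPLE_FLOWS = """\
10.20.0.15 10.20.5.9 tcp 41523 ALLOW
203.0.113.77 10.20.5.9 tcp 41523 ALLOW
198.51.100.4 10.20.5.9 tcp 41523 DENY
10.20.0.15 10.20.5.9 tcp 8080 ALLOW
192.0.2.20 10.20.5.9 udp 41523 ALLOW
not-a-record
10.99.1.1 10.20.5.9 TCP 41523 allow
"""


def audit_flows(text):
    """Return (violations, malformed): permitted TCP/41523 flows from untrusted
    sources as (line, src, dst), and line numbers that could not be parsed."""
    violations, malformed = [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        try:
            src_s, dst_s, proto, port_s, action = line.split()
            src = ipaddress.ip_address(src_s)
            ipaddress.ip_address(dst_s)  # validate only
            port = int(port_s)
        except ValueError:  # wrong field count, bad address or bad port
            malformed.append(lineno)  # report it rather than skipping silently
            continue
        if proto.lower() != "tcp" or port != DISCOVERY_PORT:
            continue  # the workaround concerns TCP/41523 only
        if action.upper() == "ALLOW" and not any(src in n for n in TRUSTED_NETS):
            violations.append((lineno, src_s, dst_s))
    return violations, malformed


if __name__ == "__main__":
    bad, unparsed = audit_flows(SAMPLE_FLOWS)
    for lineno, src, dst in bad:
        print(f"line {lineno}: untrusted {src} reached {dst} on TCP/{DISCOVERY_PORT}")
    print("unparsed lines:", unparsed)
```

Any violation means the access control list still lets an untrusted network reach the discovery service, so the workaround is not yet in place for that path.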

Vendor patches:

Computer Associates
-------------------
The vendor has released upgrade patches that fix this security issue; download them from the vendor's site:

Computer Associates BrightStor ARCServe Backup for NetWare 9.0:
      Computer Associates Patch QO64541
      http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO64541&startsearch=1
Computer Associates BrightStor ARCServe Backup for Windows 9.0.1:
     Computer Associates Patch QO64542
     http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO64542&startsearch=1
Computer Associates BrightStor Enterprise Backup 10.0:
     Computer Associates Patch QO64544
     http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO64544&startsearch=1
Computer Associates BrightStor Enterprise Backup 10.5:
     Computer Associates Patch QO64540
     http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO64540&startsearch=1
Computer Associates BrightStor ARCServe Backup for Windows 11.0:
     Computer Associates Patch QO64539
     http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO64539&startsearch=1
Computer Associates BrightStor ARCServe Backup for Windows 11.1:
     Computer Associates Patch QO64496
     http://supportconnect.ca.com/sc/solcenter/sol_detail.jsp?aparno=QO64496&os=NT&returninput=0
Computer Associates BrightStor ARCServe Backup for Windows 64 bit 11.1:
     Computer Associates Patch QO64496
     http://supportconnect.ca.com/sc/solcenter/sol_detail.jsp?aparno=QO64496&os=NT&returninput=0
Computer Associates BrightStor ARCServe Backup for NetWare 11.1:
     Computer Associates Patch QO64543
     http://supportconnect.ca.com/sc/solcenter/solresults.jsp?aparno=QO64543&startsearch=1

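Severity: 10 (user vote)
This vulnerability advisory was translated and compiled by NSFOCUS. All rights reserved; reproduction without permission is prohibited.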