IDS mailing list archives

Re: Request for Information on Exploit 'CA Brightstor ARCserve Backup dbasvr.exe memory corruption vulnerability'

From: "Ravi Chunduru" <ravi.is.chunduru () gmail com>
Date: Fri, 16 May 2008 08:15:32 -0700

Did you try www.milw0rm.org?  I searched for 'Brightstor', I almost
got 20 results.

Ravi

On Thu, May 15, 2008 at 5:31 AM, M P Sairam <msairam () intoto com> wrote:

Hi,
    I'm developing a tool for testing the effectiveness of IPS/IDS devices
against various exploits. I could not find any working Poc for this
particular vulnerability.

    Please help me out with any information about any working exploit for
this vulnerability or Poc.

Details:

Exploit: CA Brightstor ARCserve Backup dbasvr.exe memory corruption
vulnerability

Product: CA ARCserv Backup r11.5

Description:
A remote stack overflow vulnerability exist in the RPC interface of CA
BrightStor ARCServe BackUp. An arbitrary anonymous attacker can execute
arbitrary code on the affected system by exploiting this vulnerability.

CAN ID: 2007-5329
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5329>
BID: 26015 <http://www.securityfocus.com/bid/26015>

Thanks in advance,
Sairam



********************************************************************************
This email message (including any attachments) is for the sole use of the
intended recipient(s) and may contain confidential, proprietary and
privileged information. Any unauthorized review, use, disclosure or
distribution is prohibited. If you are not the intended recipient, please
immediately notify the sender by reply email and destroy all copies of the
original message. Thank you.

Intoto Inc.

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it with real-world attacks from CORE
IMPACT.
Go to
http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------


------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw 
to learn more.
------------------------------------------------------------------------

Current thread:

Request for Information on Exploit 'CA Brightstor ARCserve Backup dbasvr.exe memory corruption vulnerability' M P Sairam (May 15)
- RE: Request for Information on Exploit 'CA Brightstor ARCserve Backup dbasvr.exe memory corruption vulnerability' Chris Ralph (May 16)
- Re: Request for Information on Exploit 'CA Brightstor ARCserve Backup dbasvr.exe memory corruption vulnerability' Ravi Chunduru (May 20)