The Computer Associates BrightStor ARCserve Backup Discovery Service contains a buffer overflow, which may allow a remote attacker to execute arbitrary code.
Computer Associates BrightStor ARCserve Backup is a cross-platform backup and recovery application. The ARCserve Backup Discovery Service fails to properly check incoming network traffic on 41524/udp, creating a buffer overflow vulnerability.
Exploit code for this vulnerability is publicly available.
A remote, unauthenticated attacker may be able to execute arbitrary code on a system running the vulnerable software.
Upgrade or patch
This vulnerability was reported by iDEFENSE, who in turn credits Patrik Karlsson and an anonymous source.
This document was written by Will Dormann.
|Date First Published:||2005-08-04|
|Date Last Updated:||2005-08-11 19:07 UTC|