CA ARCserve Backup DB Engine Denial of Service
Assurent ID: FSC20081009-12
CA ARCserve Backup 11.1 Windows
CA ARCserve Backup 11.5 Windows
CA ARCserve Backup 12.0 Windows
Reference: http://www.ca.com/us/data-loss-prevention.aspx
A vulnerability has been discovered in the DB Engine component of CA
ARCserve Backup. Insufficient input validation when processing remote
procedure call (RPC) requests is the cause of this vulnerability.
A remote unauthenticated attacker can exploit this vulnerability by sending
a crafted message to the target server on TCP port 6504. A successful attack
could cause a denial of service condition for the DB Engine.
Assurent has confirmed the vulnerability in:
CA ARCserve Backup 11.1 Windows
CA ARCserve Backup 11.5 Windows
CA ARCserve Backup 12.0 Windows
Apply the vendor patch or block communication from untrusted networks to TCP
port 6504.
CA has released a bulletin addressing this vulnerability.
Reference:
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143
2008-05-29 Reported to vendor
2008-05-29 Initial vendor response
2008-10-09 Coordinated public disclosure
Vulnerability Research Team, Assurent Secure Technologies, a TELUS company
CVE: CVE-2008-4399
Vendor: 188143
Assurent's Vulnerability Research Service (VRS) for security product
vendors, and Threat Protection Programs (TPP) for MSPs and enterprise
security teams, help to eliminate the significant costs incurred by security
product vendors, MSPs, and enterprise security teams in responding to and
managing critical new security vulnerabilities and other threats including
worm & virus outbreaks and other malware. The VRS and TPP services are
real-time feeds providing subscribers with detailed analysis of the top
security vulnerabilities, focused on the specific needs of each group of
customers.