CA BrightStor ARCserve Backup Tape Engine and Portmapper Multiple Vulnerabilities (QO86255)

This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.


Synopsis :

The remote software is affected by multiple vulnerabilities.

Description :

According to its version, the installation of BrightStor ARCserve
Backup on the remote host is affected by multiple buffer overflows
involving the application's Tape Engine and portmapper services. An
unauthenticated, remote attacker may be able to leverage these issues
to crash or disable the services or to execute arbitrary code on the
affected host with SYSTEM privileges.

See also :

http://www.nessus.org/u?deaadc11
http://seclists.org/fulldisclosure/2007/Mar/265
http://www.nessus.org/u?deaadc11

Solution :

Apply the appropriate patch as described in the vendor advisory
referenced above.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.3
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 24816 (arcserve_qo86255.nasl)

Bugtraq ID: 21221
22365
22994

CVE ID: CVE-2006-6076
CVE-2007-0816
CVE-2007-1447
CVE-2007-1448

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now