CA BrightStor ARCserve Backup Multiple Vulnerabilities (QO92996)

This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.

Synopsis :

The remote software is affected by multiple vulnerabilities.

Description :

According to its version, the installation of BrightStor ARCserve
Backup on the remote host is affected by multiple issues :

- A vulnerability in 'caloggerd' could allow an
unauthenticated attacker to append data to arbitrary
files on the server using log messages with directory
traversal sequences, which could lead to a system

- Insufficient boundary checks in multiple 'xdr'
functions could allow an unauthorized attacker to
execute arbitrary code with SYSTEM level privileges
or cause a denial of service condition.

See also :

Solution :

Upgrade to ARCserve Backup r11.5 SP4/ r12.0
or apply vendor-supplied patches.

Risk factor :

Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 7.4
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 32398 (arcserve_qo92996.nasl)

Bugtraq ID: 29283

CVE ID: CVE-2008-2241

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now