CA ARCserve Backup Network Service Network Request Parsing Remote DoS

medium Nessus Plugin ID 58607

Synopsis

The remote service is affected by a denial of service vulnerability.

Description

According to its version, the installation of CA ARCserve Backup on the remote host allows a remote attacker to cause a denial of service condition via a specially crafted network request.

Note that this plugin cannot detect if the patch correcting this issue for r12.0 or r15 SP1 (build 6300) has been applied.

Solution

Either apply the appropriate patch as described in the vendor advisory referenced above, or upgrade to CA ARCserve Backup r12.5 SP2 / r16 SP1 or later.

See Also

http://www.nessus.org/u?aea9f62d

https://seclists.org/fulldisclosure/2012/Mar/237

Plugin Details

Severity: Medium

ID: 58607

File Name: arcserve_backup_dos.nasl

Version: 1.5

Type: remote

Agent: windows

Family: Windows

Published: 4/5/2012

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: cpe:/a:ca:arcserve_backup

Required KB Items: ARCSERVE/Discovery/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 3/20/2012

Vulnerability Publication Date: 3/20/2012

Reference Information

CVE: CVE-2012-1662

BID: 52655