Computer Associates ARCserve Backup LDBserver Remote Code Execution Vulnerability

Critical Nessus Plugin ID 69513


The remote host is affected by a remote code execution vulnerability.


The version of CA ARCserve Backup installed in the remote hosted is affected by a remote code execution vulnerability. A remote attacker can exploit this vulnerability by providing a specially crafted handle_t argument to an RPC endpoint for the LDBserver service.


Apply the appropriate patch per the vendor's advisory.

See Also

Plugin Details

Severity: Critical

ID: 69513

File Name: arcserve_backup_cve-2008-5415.nasl

Version: $Revision: 1.5 $

Type: local

Agent: windows

Family: Windows

Published: 2013/08/26

Modified: 2015/01/15

Dependencies: 62811

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:ca:arcserve_backup

Required KB Items: SMB/Registry/Enumerated, SMB/CA ARCserve Backup/Installed

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2008/12/10

Vulnerability Publication Date: 2008/12/10

Reference Information

CVE: CVE-2008-5415

BID: 32764

OSVDB: 50683