Description: Some vulnerabilities have been reported in BrightStor ARCserve Backup for Laptops & Desktops, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system.
1) An error in the handling of packets within the Mobile Backup Service process (LGSERVER.EXE) can be exploited to cause a heap-based buffer overflow via sending a specially crafted packet containing an overly long string (greater than 65535 bytes) to port 2200/TCP.
2) An error in the handling of packets within the Mobile Backup Service process (LGSERVER.EXE) can be exploited to cause a stack-based buffer overflow via sending an overly long, specially crafted packet to port 1900/TCP.
3) An error in the handling of packets within the Mobile Backup Service process (LGSERVER.EXE) can be exploited to terminate the process via sending a series of specially crafted packets to port 2200/TCP.
4) An error in the handling of packets within the Mobile Backup Service process (LGSERVER.EXE) can be exploited to cause a very large file to be written to the disk or cause the process to become unresponsive via sending a series of specially crafted packets to port 2200/TCP.
The following products for the Windows platform are affected:
* BrightStor ARCserve Backup for Laptops and Desktops r11.1 SP1 (SP2 is not affected)
* BrightStor ARCserve Backup for Laptops and Desktops r11.1
* BrightStor ARCserve Backup for Laptops and Desktops r11.0
* BrightStor Mobile Backup r4.0
* CA Desktop Protection Suite r2
* CA Business Protection Suite r2
* CA Business Protection Suite for Microsoft Small Business Server Standard Edition r2
* CA Business Protection Suite for Microsoft Small Business Server Premium Edition r2
* Desktop Management Suite r11.0
* Desktop Management Suite r11.1
Do you have this product installed on your home computer? Scan using the free Personal Software Inspector. Check if a vulnerable version is installed on computers in your corporate network, scan using the Network Software Inspector.
Provided and/or discovered by: 1) - 3) Mark Litchfield
4) Mark Litchfield and John Heasman
Changelog: 2007-01-24: Added CVE reference.
2007-02-01: Updated "Description" section with new information. Added links to US-CERT.
2007-02-05: Added CVE reference.
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.