Description: M. Shirk has discovered a vulnerability in BrightStor ARCserve Backup, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused by an input validation error within mediasvr.exe when processing 0xBF RPC requests. This can be exploited to execute arbitrary code via a specially crafted 0xBF RPC request sent to the mediasvr.exe process.
The vulnerability is confirmed in version r11.5 SP2 build 4237. Other versions may also be affected.
Changelog: 2007-04-03: Added link to US-CERT.
2007-04-25: Updated "Solution" and "Solution Status" sections to reflect patch information. Added CVE reference and link to vendor's advisory. Updated affected software list.