Secunia

Some vulnerabilities have been reported in CA ARCserve Backup, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system.

1) An input validation error exists in the message engine service ("msgeng.exe") when processing RPC call parameters. This can be exploited by sending a specially crafted packet containing directory traversal sequences in a parameter to port 6504/TCP.

Successful exploitation allows executing arbitrary commands.

2) An unspecified error in the tape engine service can be exploited to cause a crash via a specially crafted request.

3) An unspecified error in the database engine service can be exploited to cause a crash via a specially crafted request.

4) An unspecified error while validating authentication credentials can be exploited to crash multiple services.

The vulnerabilities affect the following products:
* CA ARCserve Backup r12.0 Windows
* CA ARCserve Backup r11.5 (formerly BrightStor ARCserve Backup r11.5) Windows
* CA ARCserve Backup r11.1 (formerly BrightStor ARCserve Backup r11.1) Windows
* CA Server Protection Suite r2
* CA Business Protection Suite r2
* CA Business Protection Suite for Microsoft Small Business Server Standard Edition r2
* CA Business Protection Suite for Microsoft Small Business Server Premium Edition r2

Solution
Apply patches. Please see the vendor's advisory for more information.

Provided and/or discovered by
The vendor credits:
1) Haifei Li of Fortinet's FortiGuard Global Security Research Team
2, 3) the Vulnerability Research Team of Assurent Secure Technologies
4) Greg Linares of eEye Digital Security

Changelog
Further details available in Customer Area

Original Advisory
CA:
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143

cocoruder:
http://ruder.cdut.net/blogview.asp?logID=274

Deep Links
Links available in Customer Area