Bekijk Volledige Versie : Re: BrightStor ARCserve Backup buffer overflow PoC
Is this for the same flaw detailed at the URL below? The iDefense bug
seems to be in the UDP service, but this affects the TCP service...
http://www.idefense.com/application/poi/display?id=194&type=vulnerabilities
We just posted an exploit for the UDP overflow (thanks Syscall) to the
metasploit.com web site, it does not seem like the same vulnerability:
http://metasploit.com/projects/Framework/exploits.html#cabrightstor_disco
-HD
On Friday 11 February 2005 12:19, cybertronic@gmx.net wrote:
> //cybertronic@gmx.net
>
> #define PORT 41523
Cybertronic has confirmed that this is not the same vulnerability as the
UDP overflow and that it is not addressed by any available patch from CA.
A module for the Metasploit Framework is available from metasploit.com:
http://metasploit.com/projects/Framework/exploits.html#cabrightstor_disco_servicepc
-HD
Williams, James K
16/02/05, 21:35
> Subject: BrightStor ARCserve Backup buffer overflow PoC
> From: <cybertronic () gmx ! net>
> Date: 2005-02-11 18:19:23
> Message-ID: <20050211181923.27031.qmail () www ! securityfocus ! com>
>
> //cybertronic@gmx.net
>=20
> #include <stdio.h>
> [...snip...]
> To: BugTraq
> Subject: Re: BrightStor ARCserve Backup buffer overflow PoC
> Date: Feb 13 2005 3:08AM
> Author: H D Moore <sflist digitaloffense net>
> Message-ID: <200502122108.56300.sflist@digitaloffense.net>
> In-Reply-To: <20050211181923.27031.qmail@www.securityfocus.com>
>=20
> Cybertronic has confirmed that this is not the same vulnerability as
the=20
> UDP overflow and that it is not addressed by any available patch from
CA.
>
> A module for the Metasploit Framework is available from
metasploit.com:
>=20
>
http://metasploit.com/projects/Framework/exploits.html#cabrightstor_disc
o_servicepc
>
> -HD
=20
Cybertronic,
Thanks for the information. We are currently looking into the issue.
HD,
Thanks for the additional info and follow-up.
Bugtraq community,
Please note that vulnerability issues associated with CA products (or=20
any other product) can be submitted by email to vuln@ca.com, or on our=20
web site at http://www3.ca.com/securityadvisor/vulninfo/submit.aspx.
Please send an email to vuln@ca.com if you need to communicate in a=20
more secure fashion, or need to communicate via phone or snail mail.
Regards,
Ken Williams
=20
Ken Williams, Director, Research ; 0xE2941985
Computer Associates ; james.williams@ca.com=20
A9F9 44A6 B421 FF7D 4000 E6A9 7925 91DF E294 1985