CA20090615-01: CA ARCserve Backup Message Engine Denial of Service Vulnerabilities (Updated)

Title: CA20090615-01: CA ARCserve Backup Message Engine Denial of
Service Vulnerabilities


CA Advisory Reference: CA20090615-01


CA Advisory Date: 2009-06-15


Reported By: iViZ Security Research Team


Impact: A remote attacker can cause a denial of service.


Summary: CA ARCserve Backup contains multiple vulnerabilities in
the message engine that can allow a remote attacker to cause a
denial of service. CA has issued an update to address the
vulnerabilities. The vulnerabilities, CVE-2009-1761, occur due to
insufficient verification of data sent to the message engine. An
attacker can make requests that can cause the message engine to
crash.


Mitigating Factors: None


Severity: CA has given these vulnerabilities a Medium risk rating.


Affected Products:
CA ARCserve Backup r12.0 Windows
CA ARCserve Backup r12.0 SP 1 Windows


Non-Affected Products:
CA ARCserve Backup r11.5 SP 4 Windows
CA ARCserve Backup r12.0 SP 2 Windows
CA ARCserve Backup r12.5


Affected Platforms:
Windows


Status and Recommendation:
CA has issued the following patches to address the vulnerabilities.

CA ARCserve Backup r12.0, r12.0 SP1 Windows:
Install Service Pack 2 RO08383.


How to determine if the installation is affected:

CA ARCserve Backup r12.0, r12.0 SP1 Windows:
   1. Run the ARCserve Patch Management utility. From the Windows
      Start menu, the program can be found under
      Programs->CA->ARCserve Patch Management->Patch Status.
   2. The main patch status screen will indicate if the patch in
      the below table is applied. If the patch is not applied,
      then the installation is vulnerable.

Product                                          Patch

CA ARCserve Backup r12.0, r12.0 SP1 Windows      RO08383


For more information on the ARCserve Patch Management utility,
read document TEC446265.


Workaround:
None


References (URLs may wrap):
CA Support:
https://support.ca.com/
CA20090615-01: Security Notice for CA ARCserve Backup Message
   Engine
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=209502
Solution Document Reference APARs:
RO08383, TEC446265
CA Security Response Blog posting:
CA20090615-01: CA ARCserve Backup Message Engine Denial of Service
   Vulnerabilities
community.ca.com/blogs/casecurityresponseblog/archive/2009/06/15.aspx
Reported By:
iViZ Security Research Team
http://www.ivizsecurity.com/security-advisory-iviz-sr-09003.html
http://www.ivizsecurity.com/security-advisory-iviz-sr-09004.html
CVE References:
CVE-2009-1761
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1761
OSVDB References: Pending
http://osvdb.org/


Changelog for this advisory:
v1.0 - Initial Release


Customers who require additional information should contact CA
Technical Support at https://support.ca.com.

For technical questions or comments related to this advisory,
please send email to vuln AT ca DOT com.

If you discover a vulnerability in CA products, please report your
findings to the CA Product Vulnerability Response Team.
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=177782


Regards,
Ken Williams, Director ; 0xE2941985
CA Product Vulnerability Response Team


CA, 1 CA Plaza, Islandia, NY 11749
Copyright (c) 2009 CA. All rights reserved.