Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

CA Faces Backup Flaw

Officials at the U.S. Computer Emergency Readiness Team (US-CERT) have identified a security vulnerability in CA's widely OEM'd BrightStor ARCserve Backup product, which they warn could leave users' systems open to attack.

Officials say that the flaw affects the software's Tape Engine feature, which allows ARCserve Backup products to use tape drives for storage. According to US-Cert, the tape engine contains a vulnerability that is caused by incorrect handling of Remote Procedure Call (RPC) requests, which allow programs to request services across a network.

CERT's Website warns that the vulnerability could be exploited by sending a malformed RPC request to port 6502/tcp on a vulnerable system. In the worst case scenario, officials add, a hacker could use this flaw to execute code on users' systems, which often results in a denial-of-service (DOS) attack. (See Symantec Tracks Cybercrime Rise, Check Point Protects Against BGP DOS , and Cisco Unveils DDOS Protection Solution.)

DOS attacks continue to wreak havoc amongst users. (See Symantec Tracks Cybercrime Rise, and Massive DOS Attacks Against ISPs on the Rise.) Earlier this year, for example, Sun's on-demand grid computing service got smacked with a DOS attack on its first day of service. (See Sun Grid Weathers DOS Attack and Sun Unveils Grid Portal.)

The vendor says that it is looking into the problem. "CA is aware of a vulnerability report describing a remotely exploitable buffer overflow in the Tape Engine component of CA BrightStor ARCserve Backup," explained spokesman Michael Kornspan in an email. The company continues to investigate; there is no word on when a patch might be issued. "Once we conclude our investigation and verify the reported vulnerability, we will provide remediation."

  • 1