CA BrightStor ARCserve Backup 11.5 remote vulnerability

Published: 2006-11-21
Last Updated: 2006-11-22 16:14:24 UTC
by Jason Lam (Version: 2)
0 comment(s)
A new remote code execution vulnerability on ARCServe Backup version 11.5 has been released today. The vulnerability exploits the handling of RPC requests on port 6502. There currently is no vendor patch available.

Note: The earlier post about PoC code is found to be for an older ARCServe vulnerability. We do not know of any PoC code at this point.

-------------------
Jason Lam,  jason /at/ networksec.org
Keywords:
0 comment(s)

Comments


Diary Archives