| Description: | | A vulnerability has been reported in a component of Computer Associates' ARCserve Backup server products. The Discovery Service application is used to automatically gather information about ARCserve products on the local network. It is prone to a buffer overflow when receiving a specially crafted message. This flaw may allow a malicious user to perform a DoS attack or remotely inject and execute code on the the vulnerable system with system level privileges. In a simple attack case, aimed at creating a denial of service condition, the affected service will terminate. If the service is not set up to restart automatically, then the discovery functionality of the backup server will be unavailable following an attack. The discovery agent is used to automatically discover ARCserve backup software and agents on remote targets. Without this service, in order to have a centralized database and job management for multiple machines, a user will have to manually add this information to the main management server. In a more sophisticated attack scenario, where the malicious user is successful in injecting and executing supplied code, the behaviour of the system is dependent on the nature and intent of the injected code. |