|
|
|||
| Rule General Information |
|---|
| Release Date: | 2021-12-20 | |
| Rule Name: | CA ARCserve Backup Directory Traversal Vulnerability (CVE-2008-4397) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a .. (dot dot) in an RPC call with opnum 0x10A. | |
| Impact: | An attacker can abtain sensitive information of the target victim, and do malicious actions to gain profits using the information. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | SecurityFocusBID:31684 http://securityreason.com/securityalert/4412 http://www.securityfocus.com/archive/1/497218 http://www.securityfocus.com/archive/1/497281/100/0/threaded |
|
| Solutions |
|---|
| The vendor has released upgrade patches to fix vulnerabilities, please visit: https://support.ca.com/irj/portal/anonymous/redirArticles?reqPage=search&searchID;=RO02398 |