    Attack Code Posted for CA BrightStor Flaw

    By Ryan Naraine - March 18, 2008

      Hackers have posted proof-of-concept code that could be used to launch code execution attacks against businesses using the CA BrightStor ARCserve Backup software product.
      eWEEK has confirmed that the code, posted at Milw0rm.com, exploits an unpatched ActiveX vulnerability in CA BrightStor ARCserve Backup to launch client-side attacks on laptop and desktop computers.
      The attack code was successfully tested on CA BrightStor ARCserve Backup r11.5 in tandem with Internet Explorer 6 (Windows XP Service Pack 2).
      According to virus trackers in Symantec’s DeepSight threat management system, there is a stack-based buffer overflow in the ListCtrl.ocx object. “An attacker may be able to corrupt structured exception handlers on the stack, thereby allowing arbitrary code to run. This issue can be triggered by passing a buffer to the ‘AddColumn()’ method,” according to DeepSight analyst Aaron Adams.


      The current public exploit contains a payload that executes “calc.exe” (calculator) only, but Adams said that trivial modification of the code could allow an arbitrary payload, such as one to bind a shell to a TCP port. A more malicious payload could be included without affecting the exploit’s reliability, he said.
      In the absence of a patch from CA, affected users are urged to set the kill bit on the affected CLSID (BF6EFFF3-4558-4C4C-ADAF-A87891C5F3A3) for workstations or terminal server computers that have the BrightStor ARCserve Backup software installed.
      Instructions for disabling vulnerable ActiveX controls can be found in this Microsoft Knowledge Base article.
      Symantec DeepSight also recommends:

      • Browsing the Web with the least privileges possible.
      • Disabling active content where possible.
      • Configuring operating systems to run with all available security mechanisms (such as DEP) enabled to hamper an attacker’s ability to successfully leverage the vulnerability.

      Serious ActiveX vulnerabilities have recently been disclosed in several widely deployed software applications, including RealNetworks' RealPlayer media player and image uploaders used by MySpace and Facebook.
