Support Content Notification - Support Portal

Security Notice for CA ARCserve Backup LDBserver

Product/Component

Notification Id

1889

Last Updated

24 May 2019

Initial Publication Date

24 May 2019

Status

OPEN

Severity

CVSS Base Score

WorkAround

Affected CVE

Issued: December 10, 2008

CA's technical support is alerting customers to a security risk with CA ARCserve Backup. A vulnerability exists that can allow a remote attacker to cause a denial of service or execute arbitrary code. CA has issued patches to address the vulnerability.

The vulnerability, CVE-2008-5415, is due to insufficient verification of client data. A remote attacker can crash the LDBserver service or execute arbitrary code in the context of the service.

Note: The client installation is not affected.

Risk Rating

High

Platform

Windows

Affected Products

CA ARCserve Backup r12.0 Windows
CA ARCserve Backup r11.5 Windows*
CA ARCserve Backup r11.1 Windows*
CA Server Protection Suite r2
CA Business Protection Suite r2
CA Business Protection Suite for Microsoft Small Business Server Standard Edition r2
CA Business Protection Suite for Microsoft Small Business Server Premium Edition r2

Non-Affected Products

CA ARCserve Backup r12.0 Windows SP1

How to determine if the installation is affected

CA ARCserve Backup r12.0 Windows,
CA ARCserve Backup r11.5 Windows:

Run the ARCserve Patch Management utility. From the Windows Start menu, it can be found under Programs->CA->ARCserve Patch Management->Patch Status.
The main patch status screen will indicate if the respective patch in the below table is currently applied. If the patch is not applied, the installation is vulnerable.

Product	Patch
CA ARCserve Backup r12.0 Windows	RO01340
CA ARCserve Backup r11.5 Windows*	RO04383

For more information on the ARCserve Patch Management utility, read document TEC446265 for r12.0 or TEC463526 for r11.5.

Alternatively, use the file information below to determine if the product installation is vulnerable.

CA ARCserve Backup r11.1 Windows:

Using Windows Explorer, locate the file "DBserver.dll". By default, the file is located in the "C:Program FilesCABrightStor ARCserve Backup" directory.
Right click on the file and select Properties.
Select the General tab.
If the file timestamp is earlier than indicated in the table below, the installation is vulnerable.

Product version	File Name	File Size	Timestamp
CA ARCserve Backup r11.1 Windows	DBserver.dll	675840 bytes	11/25/2008 09:32:21

*CA Protection Suites r2 includes CA ARCserve Backup 11.5

Solution

CA has issued the following patches to address the vulnerabilities.

CA ARCserve Backup r12.0 Windows:
Apply Service Pack 1 (RO01340)

CA ARCserve Backup r11.5 Windows:
RO04383

CA ARCserve Backup r11.1 Windows:
RO04382

CA Protection Suites r2:
RO04383

Workaround

None

References

CVE-2008-5415 - LDBserver code execution

Acknowledgement

CVE-2008-5415 - Dyon Balding of Secunia Research

Change History

Version 1.0: Initial Release

If additional information is required, please contact CA Support at support.ca.com.

If you discover a vulnerability in CA products, please report your findings to the CA Product Vulnerability Response Team.