Support Content Notification - Support Portal

Security Notice for CA ARCserve Backup Media Server

Product/Component

Notification Id

1890

Last Updated

24 May 2019

Initial Publication Date

24 May 2019

Status

OPEN

Severity

CVSS Base Score

WorkAround

Affected CVE

Last Updated: April 24, 2007

CA's technical support is alerting customers to multiple security risks with CA ARCserve Backup. Multiple vulnerabilities exist with the Media Server component that can allow a remote attacker to cause a denial of service or possibly execute arbitrary code. CA has issued patches to address the vulnerabilities.

The first vulnerability, CVE-2007-1785, addresses an issue with the processing of an object handle.

The second vulnerability, CVE-2007-2139, is due to insufficient bounds checking.

In both cases, a remote unauthenticated attacker can execute arbitrary code with escalated privileges.

Risk Rating

High

Affected Products

CA ARCserve Backup r11.5
CA ARCserve Backup r11.1
CA ARCserve Backup r11 for Windows
BrightStor Enterprise Backup r10.5
CA ARCserve Backup v9.01
CA Server Protection Suite r2
CA Business Protection Suite r2
CA Business Protection Suite for Microsoft Small Business Server Standard Edition r2
CA Business Protection Suite for Microsoft Small Business Server Premium Edition r2

Affected Platforms

Windows

How to determine if the installation is affected

Using Windows Explorer, locate the file "mediasvr.exe".

By default, the file is located in the "C:Program FilesCABrightStor ARCserve Backup" directory.
Right click on the file and select Properties.
Select the General tab.
If the file timestamp is earlier than indicated in the below table, the installation is vulnerable.

Product Version	File Name	Timestamp	File Size
r11.5 SP3	mediasvr.exe	04/03/2007 10:07:58	110592
r11.5 SP2	mediasvr.exe	04/03/2007 10:00:04	106496
r11.1	mediasvr.exe	04/03/2007 09:55:18	106496
r10.5	mediasvr.exe	04/03/2007 09:46:26	106496
v9.01	mediasvr.exe	04/03/2007 09:51:42	98304

Solution

CA has issued the following patches to address the vulnerabilities.

CA ARCserve Backup r11.5 SP3 - QO87569
CA ARCserve Backup r11.5 SP2 - QO87570
CA ARCserve Backup r11.1 - QO87573
CA ARCserve Backup r11.0 - QI82917
BrightStor Enterprise Backup r10.5 - QO87575
CA ARCserve Backup v9.01 - QO87574

Workaround

CA recommends that CA ARCserve Backup users implement the following temporary workaround to mitigate the vulnerability:

Rename the "mediasvr.exe" file to a non-functional file name, such as "mediasvc.exe.disable".
Then restart the CA BrightStor Tape Engine service.

References

CVE-2007-1785 Media Server Object Handle
CVE-2007-2139 Media Server Buffer Overflow

Acknowledgement

CA thanks ZDI for reporting issue CVE-2007-2139.

Change History

Version 1.0: Initial Release

If additional information is required, please contact CA Technical Support at https://Support.ca.com

If you discover a vulnerability in CA products, please report your findings to vuln AT ca DOT com, or utilize our "Submit a Vulnerability" form at http://www.ca.com/us/securityadvisor/vulninfo/submit.aspx.