CA has released updates to address two vulnerabilities in BrightStor ARCserve Backup. The first vulnerability is due to an input validation error within the logging service, "caloggerd." The second vulnerability is due to a buffer overflow conditions within multiple "xdr" functions. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code.
d-PIT encourages users to review the CA Security Notice and apply any necessary updates or workarounds.
Relevant URL: https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798