OSVDB ID: 14011

Title: Arkeia Backup Client Type 77 Request Processing Buffer Remote Overflow

Info

Disclosure

Feb 18, 2005

Discovery

Unknown

Dates

Exploit

Feb 18, 2005

Solution

Unknown

Description

A remote overflow exists in Arkeia Backup Client. The application fails to perform proper bounds checking when processing packets marked as 'type 77' resulting in a buffer overflow. With a specially crafted type 77 request to port 617 (tcp), a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Upgrade
Exploit: Exploit Public, Exploit Commercial
Disclosure: OSVDB Verified

Solution

Upgrade to version 5.1.21, 5.2.28, 5.3.5 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by implementing the following workaround: Restrict access to the service.

Products

Arkeia Corp.	Arkeia Network Backup	5.3.3
		5.2.27
		4.2.x

References

Security Tracker: 1013256
Milw0rm: 102
Exploit Database: 102
Bugtraq ID: 12594
Metasploit ID: 14011
Secunia Advisory ID: 14327
ISS X-Force ID: 19398
CVE ID: 2005-0491 (see also: NVD)
Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-02/0397.html
http://archives.neohapsis.com/archives/fulldisclosure/2005-02/0420.html
http://archives.neohapsis.com/archives/fulldisclosure/2005-02/0433.html
http://archives.neohapsis.com/archives/fulldisclosure/2005-02/0487.html
http://marc.theaimsgroup.com/?l=bugtraq&m=110887325425794&w=2
Other Advisory URL: http://metasploit.com/research/arkeia_agent/
Vendor URL: http://www.arkeia.com/
Generic Exploit URL: http://www.saintcorporation.com/cgi-bin/exploit_info/arkeia_type_77_request

Credit

John Doe - guldens111hotmail.com -

Direct URL: http://osvdb.org/14011

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Arkeia Corp.

Arkeia Network Backup

References

Credit