ARCserve DDoS Threat

Tuesday, March 27, 2012 @ 06:03 PM gHale


CA Technologies found a flaw in its flagship backup software ARCServe.

The flaw goes all the way back to version 10 of the product, which just reached v.16.

RELATED STORIES
Data Breaches Focus on Money: Study
Agile Hackers will Break Security
Cyber Report: U.S. Knows Groups Behind Attacks
Execs Unaware of Security Risks

The problem “can allow a remote attacker to cause a denial of service condition” and “ … occurs due to insufficient validation of certain network requests. An attacker can potentially use the vulnerability to disable network services,” CA said.

Many versions of ARCserve can fix the bug with a patch, but CA’s advisory said the solution for ARCserve Backup for Windows r12.0 is to “Update to CA ARCserve Backup for Windows r16 SP1.”



Leave a Reply

You must be logged in to post a comment.