CA ARCserve Backup Multiple Vulnerabilities - Advisories - Secunia



Some vulnerabilities have been reported in CA ARCserve Backup, which can be exploited by malicious people to compromise a vulnerable system.
1) An input validation error within the logging service (caloggerd) can be exploited to append arbitrary data to arbitrary files via directory traversal attacks.
2) Boundary errors in certain xdr functions (e.g. "xdr_rwsstring()") can be exploited to cause stack-based buffer overflows.
Successful exploitation of the vulnerabilities allows execution of arbitrary code.