いつもながら危険だ・・・ArcServe

Some vulnerabilities have been reported in CA ARCserve Backup, which can be exploited by malicious people to compromise a vulnerable system.
1) An input validation error within the logging service (caloggerd) can be exploited to append arbitrary data to arbitrary files via directory traversal attacks.
2) Boundary errors in certain xdr functions (e.g. "xdr_rwsstring()") can be exploited to cause stack-based buffer overflows.
Successful exploitation of the vulnerabilities allows execution of arbitrary code.

関連URL

• CA、バックアップ製品「ARCserve Backup」の脆弱性に対処 - ITmedia エンタープライズ