Some vulnerabilities have been reported in CA ARCserve Backup, which can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system.
1) An input validation error exists in the message engine service when processing RPC call parameters. This can be exploited to execute arbitrary commands via directory traversal attacks.
2) An unspecified error in the tape engine service can be exploited to cause a crash via a specially crafted request.
3) An unspecified error in the database engine service can be exploited to cause a crash via a specially crafted request. 4) An unspecified error while validating authentication credentials can be exploited to crash multiple services.