|
ALARM Group ALERT — click for a description of ALARM, The Computing Alert System Alert Number: 080405-01 Alert Date: 08/04/05 Alert Title: Increased Scanning activity for Computer Associates BrightStor ARCserve Vulnerability Update-to: none OS/Platform/Application: Computer Associates BrightStor ARCserve Backup (BAB) r11.1 Windows Computer Associates BrightStor ARCserve Backup 11 for Windows Computer Associates BrightStor ARCserve Backup 9.01 Windows Computer Associates BrightStor Enterprise Backup v10.0 for Windows Computer Associates BrightStor Enterprise Backup v10.5 for Windows Category: ALERT Severity: MEDIUM Attention: System Administrators that use any of the above-listed BrightStor products. |
Summary: Several Internet Security monitoring and advisory agencies are reporting an uptick in observed scanning activity presumed to be associated with a series of recently-released exploits for the Computer Associates BrightStor ARCserve Backup utility.Recommended Actions: Current information about this situation is somewhat limited beyond the observed spike in probe activity. The consensus among various security agencies is a recommendation to install patches (provided by the vendor: see links below) on any vulnerable installations. System administrators are encouraged to read the vulnerability information (link below) and if appropriate install the patches immediately.
ITS Actions: At this time, ITS is taking no specific actions to counter this probe activity. An update will be issued if any new actions are taken.
Resources:
Computer Associates Security Advisory
US-CERT Vulnerability notice
