[VIM] Computer Associates ARCserve D2D and ARCserve Backup Arbitrary Code Execution Vulnerability, BID 51189
rkeith
rkeith at securityfocus.com
Tue Jan 3 14:50:08 CST 2012
Thanks George,
Definitely an oversight on our part, the BIDs have been corrected/retired as required.
Thanks,
Rob
On 12/29/2011 06:41 PM, George A. Theall wrote:
> BID 51189 was created yesterday for an issue in CA ARCserve D2D / ARCserve Backup. It looks to me to be a dup of BID 48897.
>
> Yesterday's BID references an advisory from Hitachi (http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-025/index.html) which in turn references a Japanese language advisory from Computer Associates (http://www.casupport.jp/resources/info/CA20110809-01.htm). Like the earlier BID, that mentions CVE-2011-3011, which immediately should raise suspicions. And, if you use something like Yahoo's Babelfish to translate the page, you'll end up with text that's pretty close to http://seclists.org/fulldisclosure/2011/Aug/82, CA's original advisory from August referenced in 48897.
>
> Rob?
>
>
> George
More information about the VIM
mailing list