[VIM] Computer Associates ARCserve D2D and ARCserve Backup Arbitrary Code Execution Vulnerability, BID 51189

Williams, James K James.Williams at ca.com
Thu Mar 8 14:56:40 CST 2012


George, thanks for bringing up that BID issue.

Rob, thanks for fixing the BIDs.

For reference, note that CA Japan usually republishes their own localized versions of security notices that are originally published at https://support.ca.com/.  Notices are always published first and are always most current at https://support.ca.com/.  

Also, we do utilize CVE for vulnerability identification in all security notices, and always acquire CVE identifier(s) before publishing security notices.

If you ever have questions about CA security notices or advisories, our preferred method of communication is email to vuln at ca.com.

Thanks and regards,
Ken Williams, Director
CA Technologies Product Vulnerability Response Team
CA Technologies Business Unit Operations
wilja22 at ca.com

-----Original Message-----

------------------------------

Message: 6
Date: Thu, 29 Dec 2011 20:41:57 -0500
From: "George A. Theall" <theall at tenable.com>
To: Vulnerability Information Managers <vim at attrition.org>
Subject: [VIM] Computer Associates ARCserve D2D and ARCserve Backup
	Arbitrary Code Execution Vulnerability, BID 51189
Message-ID: <E429491E-7AC4-42C9-8074-EEC8B3276127 at tenable.com>
Content-Type: text/plain; charset="us-ascii"

BID 51189 was created yesterday for an issue in CA ARCserve D2D / ARCserve Backup. It looks to me to be a dup of BID 48897.

Yesterday's BID references an advisory from Hitachi (http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-025/index.html) which in turn references a Japanese language advisory from Computer Associates (http://www.casupport.jp/resources/info/CA20110809-01.htm).  Like the earlier BID, that mentions CVE-2011-3011, which immediately should raise suspicions. And, if you use something like Yahoo's Babelfish to translate the page, you'll end up with text that's pretty close to http://seclists.org/fulldisclosure/2011/Aug/82, CA's original advisory from August referenced in 48897.

Rob? 


George
-- 
theall at tenablesecurity.com

------------------------------

Message: 7
Date: Tue, 03 Jan 2012 13:50:08 -0700
From: rkeith <rkeith at securityfocus.com>
To: Vulnerability Information Managers <vim at attrition.org>
Cc: "George A. Theall" <theall at tenable.com>
Subject: Re: [VIM] Computer Associates ARCserve D2D and ARCserve
	Backup	Arbitrary Code Execution Vulnerability, BID 51189
Message-ID: <4F036A00.6030905 at securityfocus.com>
Content-Type: text/plain; charset=ISO-8859-1

Thanks George,

Definitely an oversight on our part; the BIDs have been corrected/retired as required.

Thanks,
Rob

On 12/29/2011 06:41 PM, George A. Theall wrote:
> BID 51189 was created yesterday for an issue in CA ARCserve D2D / ARCserve Backup. It looks to me to be a dup of BID 48897.
> 
> Yesterday's BID references an advisory from Hitachi (http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-025/index.html) which in turn references a Japanese language advisory from Computer Associates (http://www.casupport.jp/resources/info/CA20110809-01.htm).  Like the earlier BID, that mentions CVE-2011-3011, which immediately should raise suspicions. And, if you use something like Yahoo's Babelfish to translate the page, you'll end up with text that's pretty close to http://seclists.org/fulldisclosure/2011/Aug/82, CA's original advisory from August referenced in 48897.
> 
> Rob? 
> 
> 
> George

------------------------------


