Products
- Network Security
  - Next Generation FirewallNext-generation firewall for SMB, Enterprise, and Government
  - Security ServicesComprehensive security for your network security solution
  - Capture Security applianceAdvanced Threat Protection for modern threat landscape
  - Network Security ManagerModern Security Management for today’s security landscape
- Access Security
  - Cloud Edge Secure AccessDeploy Zero-Trust Security in minutes
  - Secure Mobile AccessRemote, best-in-class, secure access
  - Wireless Access PointsEasy to manage, fast and secure Wi-FI
  - SwitchesHigh-speed network switching for business connectivity
- Email Security
  - Email SecurityProtect against today’s advanced email threats
- Cloud Security
  - Cloud App SecurityVisibility and security for Cloud Apps
  - Cloud Firewall (NSv)Next-generation firewall capabilities in the cloud
- Endpoint Security
  - Capture ClientStop advanced threats and rollback the damage caused by malware
  - Content Filtering ClientControl access to unwanted and unsecure web content
- Product Widgets
  - Product Menu Right Image
  - Capture Cloud Platform
    Capture Cloud Platform
    A security ecosystem to harness the power of the cloud
- Button Widgets
  - Products A-Z
    all products A–Z FREE TRIALS
Solutions
- Industries
- Use Cases
- Solutions Widgets
  - Solutions Content Widgets
    Federal
    Protect Federal Agencies and Networks with scalable, purpose-built cybersecurity solutions
  - Solutions Image Widgets
Partners
- SonicWall Partners
- Partner Resources
- Partner Widgets
  - Custom HTML : Partners Content WIdgets
    Partner Portal
    Access to deal registration, MDF, sales and marketing tools, training and more
  - Partners Image Widgets
Support
- Support
- Resources
- Support Widget
  - Custom HTML : Support Content WIdgets
    Support Portal
    Find answers to your questions by searching across our knowledgebase, community, technical documentation and video tutorials
  - Support Image Widgets
COMPANY
PROMOTIONS
MANAGED SERVICES
Contact Sales

English English en

Support on SonicWall Products, Services and Solutions

Browse Knowledgebase by Category

Capture Security Center

Management and Reporting

CA Backup Message Engine DoS

03/26/2020 3 11869

DESCRIPTION:
CA Backup Message Engine DoS

RESOLUTION:

CA Backup Message Engine DoS (June 25, 2009)

The CA ARCserve Backup products offer data protection for distributed servers, clients, databases and applications. They offer centralized control over backup and restore operations among other services.

CA ARCserve Backup Message Engine is one of the services provided by BrightStor ARCserve Backup products. The engine accepts DCE-RPC messages on port TCP/6503 by default. DCE-RPC messages exchanged on the said port have the following common format:

 Offset Size Description

 ------- ----- ----------------------------------

 0x0000 1     Major Version, 0x05

 0x0001 1     Minor Version, 0x00

 0x0002 1     Packet Type, 0 for Request Packet

 0x0003 1     Packet Flags, 0x80 for UUID set

 0x0004 4     Data Representation

 0x0008 2     Frag Length, N

 0x000A 2     Auth Length

 0x000C 4     Call ID

 0x0010 N-16 type-specific data

A type 0 packet (request) has the following format inside the type-specific data portion:

 Offset Size Description

 ------- ----- ----------------------------------

 0x0000 4     Alloc hint

 0x0004 2     Context ID

 0x0006 2     opcode

 0x0008 N-24 Stub Data

The opcode field represents the RPC operation number. The Stub Data field contains the arguments passed to the called RPC method. The structure of the Stub Data field is opcode specific and in this case defined by the vendor, CA. It has been determined that RPC messages having opcode 0x13 have the following structure:

 long (

  [in] long arg_1,

  [in] short arg_2,

   [in][size_is(65536), length_is(65536)] char * arg_3,

  [in] long arg_4,

  [out] long * arg_5

);

A denial of service vulnerability exists in the CA ARCserve Backup Message Engine. The vulnerability is due to insufficient checks on user supplied parameters when handling opcode 0x13 RPC messages. When both arg_1 and arg_4 are set to 1, and arg_3 is a string 65536 characters long, the vulnerable code will end up referencing a null pointer. That causes a memory access violation which results in the termination of the CA ARCserve Backup Message Engine. This attack may be performed by unauthenticated remote users.

SonicWall has released an IPS signature which will detect and block generic attack attempts targeting this vulnerability. The following signature was released to address this issue.

2118 - CA ARCserve Backup Message Engine DoS

Click here to read the complete security alert from SonicWall Security Centre.

Was This Article Helpful?

Yes No

Not Finding Your Answer?

ASK THE COMMUNITY

Stay In Touch

Email Address*
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. You can unsubscribe at any time at Manage Subscriptions.
Country
Company
States
Dnb- ZIP
Dnb- Phone
elqCampaignId
elqTrackId
utm_campaign
utm_medium
utm_source
utm_term
utm_content
gclid
sfdc_campaign_id
DnB - Address
DnB - First Name
DnB - Last Name
DnB - Duns
DnB - Global Ult (HQ) DUNS
DnB - Global Ult (HQ) Company
DnB - Employee Count
DnB - Trade Name
DnB - Currency
DnB - Vanity Title
DnB - Country
DnB - State
DnB - Zip
DnB - City
DnB - Global Employee Count
DnB - SIC Code
DnB - SIC Description
DnB - NAICS Code
DnB - NAICS Description
DnB - Revenue
DnB - Domain
DnB - Business Phone
DnB - Company
DnB - DataSource
DnB - DMACode
DnB - EmployeeRange
DnB - Fortune1000
DnB - Fortune200
DnB - Industry
DnB - Postal Code
DnB - PrimarySIC
DnB - SubIndustry
DnB - PrimaryNAICS
DnB - StockTicker
DnB - Revenue Range
DnB - State or Province
DnB - Website
Name
This field is for validation purposes and should be left unchanged.

Capture Cloud Platform

Federal

Partner Portal

Support Portal

Capture Cloud Platform

Federal

Partner Portal

Support Portal

CA Backup Message Engine DoS

Was This Article Helpful?

Article Helpful Form

Article Not Helpful Form

Not Finding Your Answer?

Stay In Touch

CA Backup Message Engine DoS

Categories

Was This Article Helpful?

Article Helpful Form

Article Not Helpful Form

Not Finding Your Answer?

Stay In Touch