[VIM] Computer Associates ARCserve D2D and ARCserve Backup Arbitrary Code Execution Vulnerability, BID 51189

George A. Theall theall at tenable.com
Thu Dec 29 19:41:57 CST 2011


BID 51189 was created yesterday for an issue in CA ARCserve D2D / ARCserve Backup. It looks to me to be a dup of BID 48897.

Yesterday's BID references an advisory from Hitachi (http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS11-025/index.html) which in turn references a Japanese language advisory from Computer Associates (http://www.casupport.jp/resources/info/CA20110809-01.htm).  Like the earlier BID, that mentions CVE-2011-3011, which immediately should raise suspicions. And, if you use something like Yahoo's Babelfish to translate the page, you'll end up with text that's pretty close to http://seclists.org/fulldisclosure/2011/Aug/82, CA's original advisory from August referenced in 48897.

Rob? 


George
-- 
theall at tenablesecurity.com





More information about the VIM mailing list