CA Warns Of Multiple Security Vulnerabilities In ARCserve Backup

software denial of service attack

The advisory, issued last week in a CA Security Response Blog, said the company gave the vulnerabilities a "high" risk rating. CA has issued patches to address the vulnerabilities.

The company said only the base products are affected. The products are CA ARCserve Backup r11.1 Windows, r11.5 Windows (both formerly known as BrightStor ARCserve Backup) and r12.0 Windows; CA Server Protection Suite r2; CA Business Protection Suite r2; and CA Business Protection Suite for Microsoft Small Business Server r2 Standard and Premium editions.

The company said CA ARCserve Backup r12.0 Windows SP1 was not affected. The advisory provided ways for managers to determine if their systems are affected by the vulnerability.

CA said the vulnerability was reported by Haifei Li of Fortinet's FortiGuard global security research team, the vulnerability research team of Assurent Secure Technologies (a TELUS company), and Greg Linares of eEye Digital Security.