CVE-2008-5415

Name of the Vulnerable Software and Affected Versions CA ARCserve Backup versions 11.1 through 12.0

Description The issue allows remote attackers to execute arbitrary code via a handle t argument to an RPC endpoint, where the argument refers to an incompatible procedure. This is related to the LDBserver service in the server on Windows.

Recommendations For CA ARCserve Backup versions 11.1 through 12.0, consider restricting access to the RPC endpoint until a patch is available. As a temporary workaround, disabling the LDBserver service may minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.