CVE-2009-1761

Name of the Vulnerable Software and Affected Versions: CA ARCserve Backup versions r12.0 through r12.0 SP1

Description: The issue allows remote attackers to cause a denial of service, resulting in a crash. This can be achieved by sending either an invalid 0x13 message, which is not properly handled in the ASCORE module, or a 0x3B message with invalid stub data that triggers an RPC marshalling error.

Recommendations: For CA ARCserve Backup versions r12.0 through r12.0 SP1, consider restricting access to the ASCORE module to minimize the risk of exploitation. As a temporary workaround, avoid processing 0x13 and 0x3B messages until a patch is available.