Arkeia Type 77 Request buffer overflow

Added: 01/24/2006
CVE: CVE-2005-0491
BID: 12594
OSVDB: 14011

Background

The Arkeia network backup software includes a daemon program called arkeiad which listens for connections on TCP port 617.

Problem

A buffer overflow in the processing of type 77 requests sent to the arkeiad listener allows remote attackers to execute commands.

Resolution

Upgrade to Arkeia stable version 5.3.5 or higher.

References

http://archives.neohapsis.com/archives/fulldisclosure/2005-02/0487.html

Limitations

Exploit works on Arkeia Network Backup Client 5.2.27.

Platforms

Windows
Linux

Back to exploit index