CA BrightStor ARCserve 0day

A 0day exploit has been released into the wild today for ARCserve. A buffer overflow vulnerability appears to exist in the file ‘ListCtrl.ocx’. At this point in time, it is not known how widespread this exploit will become. However, it was released on a popular exploit website, so it’s only a matter of time before the exploit is changed or put into an exploit framework. In the meantime, make sure ARCserve services are locked down as tight as possible until CA is able to release a fix for this issue.

Leave a Reply