* ____________________________________________________________________________ *
* ID:                74                                                         
* PRODUCT:           AXWBAS                                                     
* RELEASE:           11.1                                                       
* DESC:             NT  -DATABASE   AGENT  SECURITY   UPDATE  -   R11.1         
* SYSTEMS AFFECTED: NT                                                          
* SOLUTION TEXT:                                                                
PRODUCT: BAB Windows Common                      RELEASE: 11.1                  
APAR #:  QO71010                                 DATE:    4 AUG 2005            
PROBLEM DESCRIPTION: NT  -DATABASE   AGENT  SECURITY   UPDATE  -   R11.1        
                     ----------------------------------------------------       
         ***NOTE***  This PTF supersedes QO70767 which has been withdrawn       
                     A buffer overflow  vulnerability has been  found in        
                     the  BrightStor  ARCserve  Backup  and   BrightStor        
                     Enterprise Backup  application agent  code used  on        
                     Windows   platforms.   A   remote   attacker    who        
                     successfully exploits  this vulnerability  can gain        
                     privileged  access  to  the  system.  This   buffer        
                     overflow  vulnerability  was  reported  to  CA   by        
                     iDEFENSE.  CA  strongly  recommends  that  security        
                     update(s) be  applied immediately  to systems  that        
                     utilize any of the products listed below.                  
                     BrightStor ARCserve Backup r11.1:                          
                     -BrightStor ARCserve Backup r11.1 Agent for SQL for        
                     Windows                                                    
                     -BrightStor ARCserve Backup r11.1 Agent for  Oracle        
                     for Windows                                                
                     -BrightStor ARCserve Backup r11.1 Agent for SAP R/3        
                     for Windows                                                
                     -BrightStor   ARCserve   Backup   r11.1  Agent  for        
                     Microsoft Exchange Premium Add-on for Windows              
                     PREREQS: SP1                                               
                     MPREREQS: None                                             
                     COREQS: None                                               
                     MCOREQS: None                                              
                     SUPERSEDED: None                                           
HYPER: YES                                                                      
DISTRIBUTION CODE: A (A=Available, I=Internal)                                  
PROBLEM RESOLUTION:  Follow the instructions below:                             
The following PREREQS must be applied before applying this fix:                 
SP1                                                                             
This fix requires BrightStor ARCserve Backup Release 11 to be                   
installed.                                                                      
1. Unzip the fix file as follows:                                               
      CAZIPXP -U QO71010.CAZ                                                    
2. On systems where one of the affected database agents is installed,           
run BAB111WFix.exe.                                                             
PRODUCT(S) AFFECTED: BrightStor ARCserve Backup for Windows Release 11.1        
DOWNLOAD INFORMATION:                                                           
---------------------                                                           
NODE:  ftp.ca.com                                                               
PATH:  /CAproducts/unicenter/AXWBAS/nt/GA/QO71010                               
FILES: QO71010.DFC QO71010.CAZ                                                  
UPDATED ROUTINES:                                                               
---------------                                                                 
BAB111WFix.exe    14048865 THU AUG 04 14:58:57 2005                             
* ____________________________________________________________________________ *
* NT                    VERSION: 0     EFFECTIVE: 08/04/2005 ACTION: A          
   ***  NO ZAPS FOR THIS VERSION  ***