IBM announced that its Internet Security Systems (ISS) X-Force research and development team has discovered and preemptively protected customers from two similar, but distinct vulnerabilities in CA Brightstor ARCserve. This product is a cross-platform backup and recovery solution for small- to medium-sized businesses that protects and helps ensure the availability of critical applications and data. The vulnerabilities discovered by X-Force can be exploited remotely with no user interaction required. Successful exploitation could grant the attacker administrative privileges on the target machine.
The X-Force security advisories on these vulnerabilities can be found at: