
Backup Still Feeling Vulnerable


Written by Paul Shread, Nov 29, 2006

Backup security continues to be an issue, if a recent advisory from the United States Computer Emergency Readiness Team (US-CERT) is any indication (see Backup Software Under Attack).

Jon Oltsik, senior analyst for information security at the Enterprise Strategy Group, said backup security “is improving, albeit slowly. Storage people still don’t realize that a storage server on an IP network is just as vulnerable as any other. We’ll see at least one security breach through a storage system very soon.”

US-CERT reported last week that a new vulnerability has been found in CA’s BrightStor ARCserve Backup Tape Engine.

US-CERT said there “is a flaw in the way RPC [remote procedure call] requests are handled by the Tape Engine. By sending a malformed RPC request to port 6502/tcp on a vulnerable system, a remote, unauthenticated attacker could execute arbitrary code with SYSTEM privileges.”

Initial reports indicate that BrightStor ARCserve Backup version 11.5 is affected by the flaw, but other versions may be affected as well, US-CERT said. For now, the agency recommends mitigating risk by blocking port 6502/tcp at the firewall.

CA said in a notice that it is “aware of a newly disclosed vulnerability report describing a remotely exploitable buffer overflow in the Tape Engine component of CA BrightStor ARCserve Backup. CA is currently investigating the issue. We are not presently aware of any attempts to exploit this issue. At such time as we are able to conclude our investigation and verify the reported vulnerability, CA will provide remediation.

“CA recommends that customers employ best practices in securing their networks and in this case use filtering to block unauthorized access to port 6502 on hosts running the Tape Engine. Tape Engine is part of BrightStor ARCserve Backup server install. BrightStor ARCserve Backup client systems are not affected by this vulnerability.”


eSecurity Editor Paul Shread has covered nearly every aspect of enterprise technology in his 20+ years in IT journalism, including an award-winning series on software-defined data centers. He wrote a column on small business technology for Time.com, and covered financial markets for 10 years, from the dot-com boom and bust to the 2007-2009 financial crisis. He holds a market analyst certification.
