Change Download Preference

Current Preference
Change Preference to:

Security Notice for CA ARCserve Backup LDBserver

Issued: December 10, 2008

CA's technical support is alerting customers to a security risk with CA ARCserve Backup. A vulnerability exists that can allow a remote attacker to cause a denial of service or execute arbitrary code. CA has issued patches to address the vulnerability.

The vulnerability, CVE-2008-5415, is due to insufficient verification of client data. A remote attacker can crash the LDBserver service or execute arbitrary code in the context of the service.

Note: The client installation is not affected.

Risk Rating




Affected Products

CA ARCserve Backup r12.0 Windows
CA ARCserve Backup r11.5 Windows*
CA ARCserve Backup r11.1 Windows*
CA Server Protection Suite r2
CA Business Protection Suite r2
CA Business Protection Suite for Microsoft Small Business Server Standard Edition r2
CA Business Protection Suite for Microsoft Small Business Server Premium Edition r2

Non-Affected Products

CA ARCserve Backup r12.0 Windows SP1

How to determine if the installation is affected

CA ARCserve Backup r12.0 Windows,
CA ARCserve Backup r11.5 Windows:

  1. Run the ARCserve Patch Management utility. From the Windows Start menu, it can be found under Programs->CA->ARCserve Patch Management->Patch Status.

  2. The main patch status screen will indicate if the respective patch in the below table is currently applied. If the patch is not applied, the installation is vulnerable.
CA ARCserve Backup r12.0 WindowsRO01340
CA ARCserve Backup r11.5 Windows*RO04383

For more information on the ARCserve Patch Management utility, read document TEC446265 for r12.0 or TEC463526 for r11.5.

Alternatively, use the file information below to determine if the product installation is vulnerable.

CA ARCserve Backup r11.1 Windows:

  1. Using Windows Explorer, locate the file "DBserver.dll". By default, the file is located in the "C:Program FilesCABrightStor ARCserve Backup" directory.

  2. Right click on the file and select Properties.

  3. Select the General tab.

  4. If the file timestamp is earlier than indicated in the table below, the installation is vulnerable.
Product versionFile NameFile SizeTimestamp
CA ARCserve Backup r11.1 WindowsDBserver.dll675840 bytes11/25/2008 09:32:21

*CA Protection Suites r2 includes CA ARCserve Backup 11.5


CA has issued the following patches to address the vulnerabilities.

CA ARCserve Backup r12.0 Windows:
Apply Service Pack 1 (RO01340)

CA ARCserve Backup r11.5 Windows:

CA ARCserve Backup r11.1 Windows:

CA Protection Suites r2:




CVE-2008-5415 - LDBserver code execution


CVE-2008-5415 - Dyon Balding of Secunia Research

Change History

Version 1.0: Initial Release

If additional information is required, please contact CA Support at

If you discover a vulnerability in CA products, please report your findings to the CA Product Vulnerability Response Team.