CA ARCserve Backup Tape Engine
Exploit Security Notice

CA is aware that exploit code for a vulnerability in the Tape Engine component of CA ARCserve Backup was posted on several security web sites and mailing lists on January 5, 2007. This vulnerability is fixed in CA ARCserve Backup r11.5 Service Pack 2, and a patch for earlier versions of ARCserve will be available shortly.

CA recommends that customers employ best practices in securing their networks and in this case use filtering to block unauthorized access to port 6502 on hosts running the Tape Engine. Tape Engine is part of CA ARCserve Backup server install. CA ARCserve Backup client systems are not affected by this vulnerability.

CA customers with questions or concerns should contact CA Technical Support.