PRODUCT: BrightStor ARCserve Backup for NetWare  RELEASE: 11.1

APAR #:  QO64543                                 DATE:    17 FEB 2005

PROBLEM DESCRIPTION: NW   -DISCOVERY    SERVICE   -    SECURITY   UPDATE
                     ----------------------------------------------------
         ***NOTE***  This PTF supersedes QO62936 which has been withdrawn

                     This    update    addresses    potential   security
                     vulnerabilities   caused   by   a  buffer  overflow
                     condition in the  ARCserve Discovery Service.  This
                     patch  should  be  applied  to  all Windows systems
                     where the ARCserve r11.1 base product and any  type
                     of   ARCserve   agent   (file   system,   database,
                     application, open file) is installed.

                     This update  is a  cumulative patch  and supersedes
                     QO62936, which addressed a different  vulnerability
                     in  the  discovery  service,originally  reported by
                     iDEFENSE .

                     PREREQS: None

                     MPREREQS: None

                     COREQS: None

                     MCOREQS: None

                     SUPERSEDED: QO62936

HYPER: YES

DISTRIBUTION CODE: A (A=Available, I=Internal)

PROBLEM RESOLUTION:  Follow the instructions below:
This fix Supersedes the  following :
QO62936

This fix requires BrightStor ARCserve Backup version 11.1 for NetWare
to be installed.

1. Shutdown BrightStor ARCserve Backup.

2. Unzip the fix file as follows:

CAZIPXP -U QO64543.CAZ

3. Run BAB111NSecurity.exe



PRODUCT(S) AFFECTED: ArcserveIT Enterprise NW               Release 11.1

DOWNLOAD INFORMATION:
---------------------
NODE:  ftp.ca.com
PATH:  /CAproducts/unicenter/AXNBAS/netware/GA/QO64543
FILES: QO64543.DJB QO64543.CAZ

UPDATED ROUTINES:
---------------
BAB111NSecurity.exe    8104526 THU FEB 17 11:43:00 2005