Idera Server Backup Manager (R1Soft) – Arbitrary File Access Vulnerability (R911-0072)

Type: Arbitrary File Access
Location: Local
Impact: High
Product: Idera Server Backup Manager (R1Soft)
Vulnerable Version: 5.4.1 build 39
Fixed Version: 5.4.2 build 71
R911: 0072
Date: 2013-10-08
By: Rack911

Product Description:

Idera Server Backup Manager is affordable, high-performance disk-to-disk backup software for Linux and Windows servers. (This software was previously more commonly known as R1Soft Backup.)

Vulnerability Description:

It is possible for an attacker to obtain any file on the server regardless of ownership when the next scheduled backup runs.

Proof of Concept:

Due to the nature of this security flaw, we will not be posting a Proof of Concept until a much later date.

We have deemed this vulnerability to be rated as HIGH due to the fact that any file can be obtained, including /etc/shadow.

Vulnerable Version:

This vulnerability was tested against Idera Server Backup Manager (R1Soft) v5.4.1 build 39 and is believed to exist in previous versions.

Fixed Version:

This vulnerability was patched in Idera Server Backup Manager (R1Soft) v5.4.2 build 71.

Vendor Contact Timeline:

2013-09-12: Vendor contacted via email.
2013-09-12: Vendor confirms vulnerability.
2013-10-08: Vendor issues update.
2013-10-08: Rack911 issues security advisory.