Idera Server Backup Manager (R1Soft) – Arbitrary File Access Vulnerability (R911-0073)

Type: Arbitrary File Access
Location: Local
Impact: High
Product: Idera Server Backup Manager (R1Soft)
Vulnerable Version: 5.4.1 build 39
Fixed Version: 5.4.2 build 71
R911: 0073
Date: 2013-10-08
By: Rack911

Product Description:

Idera Server Backup Manager is affordable, high-performance, disk-to-disk backup software for Linux and Windows servers. (This software was previously better known as R1Soft Backup.)

Vulnerability Description:

It is possible for an attacker to tamper with other users' archive backups (*.tar.gz) on the server by manipulating the restore-to-agent feature.

Proof of Concept:

Due to the nature of this security flaw, we will not be posting a Proof of Concept until a much later date.

We rate this vulnerability HIGH because any *.tar.gz archive on the server, including cPanel backups, can be modified.
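Because the impact of this flaw is silent modification of backup archives, the practical check for an operator of an affected (or just-patched) server is to detect whether any *.tar.gz under the backup store has changed since it was written. The following integrity-manifest script is an added example for that purpose; it is not code from Rack911 or from the Idera/R1Soft product, and the directory layout, file names and archive contents in `demo()` are constructed for illustration.

```python
import hashlib
import json
import os
import tempfile


def sha256_file(path, chunk=1 << 20):
    """Stream a file through SHA-256 so large archives are not read into memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()


def build_manifest(backup_dir, suffix=".tar.gz"):
    """Record hash and size of every archive below backup_dir, keyed by relative path.

    Paths are normalised to forward slashes so the manifest is portable.
    """
    manifest = {}
    for root, _dirs, files in os.walk(backup_dir):
        for name in files:
            if not name.endswith(suffix):
                continue
            path = os.path.join(root, name)
            rel = os.path.relpath(path, backup_dir).replace(os.sep, "/")
            manifest[rel] = {"sha256": sha256_file(path), "size": os.path.getsize(path)}
    return manifest


def verify_manifest(backup_dir, manifest, suffix=".tar.gz"):
    """Compare the backup store against a previously saved manifest.

    Returns sorted lists of archives whose content changed, archives that
    disappeared, and archives that were not present when the manifest was made.
    """
    current = build_manifest(backup_dir, suffix)
    modified = sorted(
        p for p in manifest if p in current and current[p]["sha256"] != manifest[p]["sha256"]
    )
    missing = sorted(p for p in manifest if p not in current)
    added = sorted(p for p in current if p not in manifest)
    return {"modified": modified, "missing": missing, "added": added}


def save_manifest(manifest, path):
    """Write the manifest as JSON; keep this copy off the backup host (see note below)."""
    with open(path, "w") as f:
        json.dump(manifest, f, indent=2, sort_keys=True)


def _write(path, data):
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "wb") as f:
        f.write(data)


def demo():
    """Constructed scenario: two archives are recorded, then one is overwritten
    and an unexpected third one appears. Returns the verification report."""
    with tempfile.TemporaryDirectory() as backup_dir:
        _write(os.path.join(backup_dir, "user1", "home.tar.gz"), b"constructed archive bytes for user1")
        _write(os.path.join(backup_dir, "user2", "home.tar.gz"), b"constructed archive bytes for user2")
        manifest = build_manifest(backup_dir)
        save_manifest(manifest, os.path.join(backup_dir, "manifest.json"))

        # Simulate an unauthorised write to another user's archive and a stray new archive.
        _write(os.path.join(backup_dir, "user1", "home.tar.gz"), b"tampered archive bytes")
        _write(os.path.join(backup_dir, "user3", "home.tar.gz"), b"unexpected new archive")

        return verify_manifest(backup_dir, manifest)


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

The manifest is only as trustworthy as its storage: an attacker who can write arbitrary files on the backup server can also rewrite a manifest kept beside the archives, so save it to a separate host (or sign it) and run the verification from there. Run the build step immediately after each backup cycle completes and the verify step on a schedule; any entry under `modified` or `missing` is a tampering signal worth investigating before the archive is ever used for a restore.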

Vulnerable Version:

This vulnerability was tested against Idera Server Backup Manager (R1Soft) v5.4.1 build 39 and is believed to exist in previous versions.

Fixed Version:

This vulnerability was patched in Idera Server Backup Manager (R1Soft) v5.4.2 build 71.

Vendor Contact Timeline:

2013-09-12: Vendor contacted via email.
2013-09-12: Vendor confirms vulnerability.
2013-10-08: Vendor issues update.
2013-10-08: Rack911 issues security advisory.