Idera Server Backup Manager (R1Soft) – Arbitrary File Overwrite Vulnerability (R911-0071)

Type: Arbitrary File Overwrite
Location: Local
Impact: High
Product: Idera Server Backup Manager (R1Soft)
Vulnerable Version: 5.4.1 build 39
Fixed Version: 5.4.2 build 71
R911: 0071
Date: 2013-10-08
By: Rack911

Product Description:

Idera Server Backup Manager is affordable, high-performance, disk-to-disk backup software for Linux and Windows servers. (This software was previously better known as R1Soft Backup.)

Vulnerability Description:

An attacker can overwrite any file on the server, regardless of its ownership, by supplying a malicious restore directory path through the Send to Agent feature; the restore destination is not confined to a safe location before files are written.
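
The following is an added illustration from the editor, not code from Rack911, Idera or the vendor's actual patch: a hypothetical agent-side check that confines a requested restore directory, and every file written under it, to a configured restore root. The `allowed_root` setting and the function names are assumptions; the core defence is canonicalising both the requested directory and each entry path (symlinks followed, `..` collapsed) before comparing them against the root.

```python
import tempfile
from pathlib import Path


class UnsafeRestorePath(ValueError):
    """Raised when a restore would write outside the allowed restore root."""


def _confined_to(child: Path, parent: Path) -> bool:
    """True if `child` equals `parent` or lies beneath it (both already resolved)."""
    return child == parent or parent in child.parents


def safe_restore_target(allowed_root: str, restore_dir: str, entry_name: str) -> Path:
    """Return where `entry_name` from a backup may be written, or refuse.

    `allowed_root` is a hypothetical agent setting; `restore_dir` comes from the
    restore request; `entry_name` is a relative file path from the backup contents.
    """
    root = Path(allowed_root).resolve()
    dest = Path(restore_dir)
    if not dest.is_absolute():
        dest = root / dest
    dest = dest.resolve()  # follows symlinks in existing components, collapses '..'
    if not _confined_to(dest, root):
        raise UnsafeRestorePath(f"restore directory {restore_dir!r} escapes {root}")
    if Path(entry_name).is_absolute():
        raise UnsafeRestorePath(f"absolute entry name {entry_name!r} refused")
    target = (dest / entry_name).resolve()
    if not _confined_to(target, dest):
        raise UnsafeRestorePath(f"entry {entry_name!r} escapes {dest}")
    return target


def self_check() -> dict:
    """Exercise the validator in a constructed scratch root; True means the case behaved."""
    results = {}
    with tempfile.TemporaryDirectory() as scratch:
        root = Path(scratch).resolve()
        results["plain"] = safe_restore_target(scratch, "site", "index.html") == root / "site" / "index.html"
        # A symlink inside the root that points outside it (here: the parent temp dir).
        (root / "link").symlink_to(root.parent)
        cases = {"dir_traversal": ("../outside", "f.txt"), "entry_traversal": ("site", "../../outside.txt"),
                 "absolute_entry": ("site", "/outside.txt"), "symlink": ("link", "f.txt")}
        for name, (rdir, entry) in cases.items():
            try:
                safe_restore_target(scratch, rdir, entry)
                results[name] = False  # escape was NOT refused
            except UnsafeRestorePath:
                results[name] = True
    return results


if __name__ == "__main__":
    print(self_check())
```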

Proof of Concept:

Due to the nature of this security flaw, we will not be posting a Proof of Concept until a much later date.

We rate this vulnerability HIGH because any file on the server can be overwritten, which could ultimately render the server inoperable.

Vulnerable Version:

This vulnerability was tested against Idera Server Backup Manager (R1Soft) v5.4.1 build 39 and is believed to exist in previous versions.

Fixed Version:

This vulnerability was patched in Idera Server Backup Manager (R1Soft) v5.4.2 build 71.

Vendor Contact Timeline:

2013-09-12: Vendor contacted via email.
2013-09-12: Vendor confirms vulnerability.
2013-10-08: Vendor issues update.
2013-10-08: Rack911 issues security advisory.