CA ARCserve D2D Apache Axis2 Default Credentials Remote Code Execution Exploit

CA ARCserve D2D installs the Apache Axis2 Web services engine with the default password for the administrator account, which can be abused by a remote attacker to upload an .AAR web service and execute arbitrary code with SYSTEM privileges on the machine where the vulnerable software is installed.
Platform: 
Vulnerabilty ID: 
CVE-2010-0219
Product Version: 
11.0
Released Date: 
Thursday, March 10, 2011 - 00:00