All the vulnerabilites related to Hitachi, Ltd - BrightStor ARCserve Backup
jvndb-2008-001779
Vulnerability from jvndb
Published
2008-10-30 12:20
Modified
2008-10-30 12:20
Summary
CA ARCserver Backup and CA ARCserve Backup Client Agent Denial of Service (DoS) Vulnerability
Details
CA ARCserve Backup and CA ARCserve Backup Client Agent fail to properly handle packets with a large integer value used in an increment to TCP port 41523, which leads to a denial of service (DoS).
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-001779.html",
"dc:date": "2008-10-30T12:20+09:00",
"dcterms:issued": "2008-10-30T12:20+09:00",
"dcterms:modified": "2008-10-30T12:20+09:00",
"description": "CA ARCserve Backup and CA ARCserve Backup Client Agent fail to properly handle packets with a large integer value used in an increment to TCP port 41523, which leads to a denial of service (DoS).",
"link": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-001779.html",
"sec:cpe": [
{
"#text": "cpe:/a:ca:arcserve_backup",
"@product": "CA ARCserve Backup",
"@vendor": "CA Technologies",
"@version": "2.2"
},
{
"#text": "cpe:/a:ca:business_protection_suite",
"@product": "CA Business Protection Suite",
"@vendor": "CA Technologies",
"@version": "2.2"
},
{
"#text": "cpe:/a:ca:server_protection_suite",
"@product": "CA Server Protection Suite",
"@vendor": "CA Technologies",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:arcserve_backup",
"@product": "CA ARCserve Backup",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:brightstor_arcserve_backup",
"@product": "BrightStor ARCserve Backup",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "5.0",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2008-001779",
"sec:references": [
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1979",
"@id": "CVE-2008-1979",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-1979",
"@id": "CVE-2008-1979",
"@source": "NVD"
},
{
"#text": "http://secunia.com/advisories/29855",
"@id": "SA29855",
"@source": "SECUNIA"
},
{
"#text": "http://www.securityfocus.com/bid/28927",
"@id": "28927",
"@source": "BID"
},
{
"#text": "http://www.securitytracker.com/id?1020324",
"@id": "1020324",
"@source": "SECTRACK"
},
{
"#text": "http://www.frsirt.com/english/advisories/2008/1354",
"@id": "FrSIRT/ADV-2008-1354",
"@source": "FRSIRT"
},
{
"#text": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001779.html",
"@id": "JVNDB-2008-001779",
"@source": "JVNDB_Ja"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-189",
"@title": "Numeric Errors(CWE-189)"
}
],
"title": "CA ARCserver Backup and CA ARCserve Backup Client Agent Denial of Service (DoS) Vulnerability"
}
jvndb-2008-001778
Vulnerability from jvndb
Published
2008-10-30 12:19
Modified
2008-10-30 12:19
Summary
BrightStor ARCserve and eTrust Antivirus Arbitrary Code Execution Vulnerability
Details
BrightStor ARCserve Backup and eTrust Antirus r7.1 have a problem in handling RPC requests and are vulnerable to arbitrary code execution.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-001778.html",
"dc:date": "2008-10-30T12:19+09:00",
"dcterms:issued": "2008-10-30T12:19+09:00",
"dcterms:modified": "2008-10-30T12:19+09:00",
"description": "BrightStor ARCserve Backup and eTrust Antirus r7.1 have a problem in handling RPC requests and are vulnerable to arbitrary code execution.",
"link": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-001778.html",
"sec:cpe": [
{
"#text": "cpe:/a:ca:arcserve_backup",
"@product": "CA ARCserve Backup",
"@vendor": "CA Technologies",
"@version": "2.2"
},
{
"#text": "cpe:/a:ca:brightstor_arcserve_backup",
"@product": "BrightStor ARCserve Backup",
"@vendor": "CA Technologies",
"@version": "2.2"
},
{
"#text": "cpe:/a:ca:etrust_antivirus",
"@product": "CA Anti-Virus",
"@vendor": "CA Technologies",
"@version": "2.2"
},
{
"#text": "cpe:/a:ca:threat_manager",
"@product": "CA Threat Manager",
"@vendor": "CA Technologies",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:brightstor_arcserve_backup",
"@product": "BrightStor ARCserve Backup",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:etrust_anitivirus",
"@product": "eTrust Antivirus",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "9.0",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2008-001778",
"sec:references": [
{
"#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4620",
"@id": "CVE-2007-4620",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4620",
"@id": "CVE-2007-4620",
"@source": "NVD"
},
{
"#text": "http://secunia.com/advisories/29665",
"@id": "SA29665",
"@source": "SECUNIA"
},
{
"#text": "http://www.securityfocus.com/bid/28605",
"@id": "28605",
"@source": "BID"
},
{
"#text": "http://xforce.iss.net/xforce/xfdb/41639",
"@id": "41639",
"@source": "XF"
},
{
"#text": "http://www.securitytracker.com/id?1019789",
"@id": "1019789",
"@source": "SECTRACK"
},
{
"#text": "http://www.securitytracker.com/id?1019790",
"@id": "1019790",
"@source": "SECTRACK"
},
{
"#text": "http://www.frsirt.com/english/advisories/2008/1103",
"@id": "FrSIRT/ADV-2008-1103",
"@source": "FRSIRT"
},
{
"#text": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001778.html",
"@id": "JVNDB-2008-001778",
"@source": "JVNDB_Ja"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-119",
"@title": "Buffer Errors(CWE-119)"
}
],
"title": "BrightStor ARCserve and eTrust Antivirus Arbitrary Code Execution Vulnerability"
}
jvndb-2010-001494
Vulnerability from jvndb
Published
2010-06-08 14:03
Modified
2010-06-08 14:03
Summary
Arbitrary Code Execution Vulnerability in CA ARCserve Backup and BrightStor ARCserve Backup
Details
The version of JRE shipped with CA ARCserve Backup and BrightStor ARCserve Backup is vulnerable to arbitrary code execution.
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-001494.html",
"dc:date": "2010-06-08T14:03+09:00",
"dcterms:issued": "2010-06-08T14:03+09:00",
"dcterms:modified": "2010-06-08T14:03+09:00",
"description": "The version of JRE shipped with CA ARCserve Backup and BrightStor ARCserve Backup is vulnerable to arbitrary code execution.",
"link": "https://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-001494.html",
"sec:cpe": [
{
"#text": "cpe:/a:ca:arcserve_backup",
"@product": "CA ARCserve Backup",
"@vendor": "CA Technologies",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:arcserve_backup",
"@product": "CA ARCserve Backup",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:brightstor_arcserve_backup",
"@product": "BrightStor ARCserve Backup",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "10.0",
"@severity": "High",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2010-001494",
"sec:references": {
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-noinfo",
"@title": "No Mapping(CWE-noinfo)"
},
"title": "Arbitrary Code Execution Vulnerability in CA ARCserve Backup and BrightStor ARCserve Backup"
}