All the vulnerabilites related to broadcom - server_protection_suite
Vulnerability from fkie_nvd
Published
2007-10-13 00:17
Modified
2024-11-21 00:37
Severity ?
Summary
Queue.dll for the message queuing service (LQserver.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a malformed ONRPC protocol request for operation 0x76, which causes ARCserve Backup to dereference arbitrary pointers.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| broadcom | brightstor_arcserve_backup | 9.01 | |
| broadcom | brightstor_arcserve_backup | 11.1 | |
| broadcom | brightstor_arcserve_backup | 11.5 | |
| broadcom | brightstor_enterprise_backup | 10.5 | |
| broadcom | business_protection_suite | 2.0 | |
| broadcom | server_protection_suite | 2 | |
| ca | brightstor_arcserve_backup | 11 | |
| ca | business_protection_suite | 2.0 | |
| ca | business_protection_suite | 2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F52790F8-0D23-47F4-B7F7-6CB0F7B6EA14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "477EE032-D183-478F-A2BF-6165277A7414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "78AA54EA-DAF1-4635-AA1B-E2E49C4BB597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:business_protection_suite:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "328E1C42-488A-43FC-8DF2-758DC73B74AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:server_protection_suite:2:*:*:*:*:*:*:*",
"matchCriteriaId": "A8781759-7B4C-47C3-8A60-8CA5520360C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:*",
"matchCriteriaId": "6E236148-4A57-4FDC-A072-A77D3DD2DB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_small_business_server_premium:*:*:*:*:*",
"matchCriteriaId": "1366038C-7552-44C7-BB01-316AA0D088F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_small_business_server_standard:*:*:*:*:*",
"matchCriteriaId": "D24EEBF9-8301-4E8E-8AE1-E41774EDEFD9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Queue.dll for the message queuing service (LQserver.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a malformed ONRPC protocol request for operation 0x76, which causes ARCserve Backup to dereference arbitrary pointers."
},
{
"lang": "es",
"value": "La biblioteca Queue.dll para el servicio de colas de mensajes (LQserver.exe) en CA BrightStor ARCServe BackUp versi\u00f3n v9.01 hasta R11.5, y Enterprise Backup r10.5, permite a atacantes remotos ejecutar c\u00f3digo arbitrario por medio de una petici\u00f3n de protocolo ONRPC malformada para la operaci\u00f3n 0x76, lo que hace que ARCserve Backup elimine la referencia de punteros arbitrarios."
}
],
"id": "CVE-2007-5331",
"lastModified": "2024-11-21T00:37:40.243",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-10-13T00:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/41371"
},
{
"source": "cve@mitre.org",
"url": "http://research.eeye.com/html/advisories/published/AD20071011.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27192"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/482114/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/24680"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018805"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/3470"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37071"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/41371"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://research.eeye.com/html/advisories/published/AD20071011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27192"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/482114/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/24680"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018805"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/3470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37071"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-01-19 00:03
Modified
2024-11-21 00:06
Severity ?
Summary
The DM Primer in the DM Deployment Common Component in Computer Associates (CA) BrightStor Mobile Backup r4.0, BrightStor ARCserve Backup for Laptops & Desktops r11.0, r11.1, r11.1 SP1, Unicenter Remote Control 6.0, 6.0 SP1, CA Desktop Protection Suite r2, CA Server Protection Suite r2, and CA Business Protection Suite r2 allows remote attackers to cause a denial of service (CPU consumption and log file consumption) via unspecified "unrecognized network messages" that are not properly handled.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| broadcom | brightstor_arcserve_backup_laptops_desktops | 11.0 | |
| broadcom | brightstor_arcserve_backup_laptops_desktops | 11.1 | |
| broadcom | brightstor_arcserve_backup_laptops_desktops | 11.1 | |
| broadcom | brightstor_mobile_backup | r4.0 | |
| broadcom | business_protection_suite | 2.0 | |
| broadcom | desktop_protection_suite | 2.0 | |
| broadcom | server_protection_suite | 2 | |
| broadcom | unicenter_remote_control | 5.2 | |
| broadcom | unicenter_remote_control | 6.0 | |
| broadcom | unicenter_remote_control | 6.0 | |
| ca | unicenter_remote_control | 6.0 | |
| ca | unicenter_remote_control | 6.0 | |
| ca | unicenter_remote_control | 6.0_build_6.0.56.3 | |
| ca | unicenter_remote_control | 6.0_build_6.0.74 | |
| ca | unicenter_remote_control | 6.0_build_6.0.74 | |
| ca | unicenter_remote_control | 6.0_build_6.0.74 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB993B2-9A44-40E2-AA05-0CAD04BDC26D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7461AE5-2067-4964-93B7-560CD02CEAC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "9DAE8E8B-7FD6-43CB-B07A-6D3B31E94DC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_mobile_backup:r4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D9448EC1-7527-4CF9-85FC-26F61714E4B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:business_protection_suite:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "328E1C42-488A-43FC-8DF2-758DC73B74AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:desktop_protection_suite:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB698F99-FC87-4D59-9E01-3CE7A57FE0E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:server_protection_suite:2:*:*:*:*:*:*:*",
"matchCriteriaId": "A8781759-7B4C-47C3-8A60-8CA5520360C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:unicenter_remote_control:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B43CE892-50CB-429F-B986-6FD4398A1D71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:unicenter_remote_control:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53C2C33D-8403-4C75-8A52-713393FE408F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:unicenter_remote_control:6.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "D293FB82-D21B-4BDD-A511-B994B557032A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:unicenter_remote_control:6.0:sp1:*:en:*:*:*:*",
"matchCriteriaId": "63788A55-F137-4F8A-8FDD-9C0B9881DE1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:unicenter_remote_control:6.0:sp1:*:fr:*:*:*:*",
"matchCriteriaId": "D9AB86C1-ABE7-4DB1-A050-2E54607BF3C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:unicenter_remote_control:6.0_build_6.0.56.3:*:*:en:*:*:*:*",
"matchCriteriaId": "8E01F0FB-C836-4B25-9B40-6D0EEDEDFA74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:unicenter_remote_control:6.0_build_6.0.74:*:*:de:*:*:*:*",
"matchCriteriaId": "C45E9E3A-68D4-46D3-8A56-A07A76F4F7FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:unicenter_remote_control:6.0_build_6.0.74:*:*:en:*:*:*:*",
"matchCriteriaId": "1B36DAA2-B8F5-43A6-B407-5FF718383D4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:unicenter_remote_control:6.0_build_6.0.74:*:*:fr:*:*:*:*",
"matchCriteriaId": "C7F41317-348B-4DD7-917C-46C6E2857E50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The DM Primer in the DM Deployment Common Component in Computer Associates (CA) BrightStor Mobile Backup r4.0, BrightStor ARCserve Backup for Laptops \u0026 Desktops r11.0, r11.1, r11.1 SP1, Unicenter Remote Control 6.0, 6.0 SP1, CA Desktop Protection Suite r2, CA Server Protection Suite r2, and CA Business Protection Suite r2 allows remote attackers to cause a denial of service (CPU consumption and log file consumption) via unspecified \"unrecognized network messages\" that are not properly handled."
}
],
"id": "CVE-2006-0307",
"lastModified": "2024-11-21T00:06:09.590",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-01-19T00:03:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18531"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015504"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://supportconnectw.ca.com/public/ca_common_docs/dmdeploysecurity_notice.asp"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/22529"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/422381/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/16276"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/0236"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18531"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1015504"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://supportconnectw.ca.com/public/ca_common_docs/dmdeploysecurity_notice.asp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/22529"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/422381/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/16276"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/0236"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33756"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-10-13 00:17
Modified
2024-11-21 00:37
Severity ?
Summary
Unspecified vulnerability in dbasvr in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, has unknown impact and attack vectors related to memory corruption.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| broadcom | brightstor_arcserve_backup | 9.01 | |
| broadcom | brightstor_arcserve_backup | 11.1 | |
| broadcom | brightstor_arcserve_backup | 11.5 | |
| broadcom | brightstor_enterprise_backup | 10.5 | |
| broadcom | business_protection_suite | 2.0 | |
| broadcom | server_protection_suite | 2 | |
| ca | brightstor_arcserve_backup | 11 | |
| ca | business_protection_suite | 2.0 | |
| ca | business_protection_suite | 2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F52790F8-0D23-47F4-B7F7-6CB0F7B6EA14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "477EE032-D183-478F-A2BF-6165277A7414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "78AA54EA-DAF1-4635-AA1B-E2E49C4BB597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:business_protection_suite:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "328E1C42-488A-43FC-8DF2-758DC73B74AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:server_protection_suite:2:*:*:*:*:*:*:*",
"matchCriteriaId": "A8781759-7B4C-47C3-8A60-8CA5520360C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:*",
"matchCriteriaId": "6E236148-4A57-4FDC-A072-A77D3DD2DB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_small_business_server_premium:*:*:*:*:*",
"matchCriteriaId": "1366038C-7552-44C7-BB01-316AA0D088F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_small_business_server_standard:*:*:*:*:*",
"matchCriteriaId": "D24EEBF9-8301-4E8E-8AE1-E41774EDEFD9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in dbasvr in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, has unknown impact and attack vectors related to memory corruption."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en el dbasvr del CA BrightStor ARCServe BackUp v9.01 hasta la R11.5 y el Enterprise Backup r10.5, tiene un impacto desconocido y vectores de ataque relacionados con la corrupci\u00f3n de memoria."
}
],
"id": "CVE-2007-5329",
"lastModified": "2024-11-21T00:37:39.930",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-10-13T00:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/41372"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/27192"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/26015"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018805"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/3470"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37068"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/41372"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27192"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/26015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018805"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/3470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37068"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-04-25 20:19
Modified
2024-11-21 00:30
Severity ?
Summary
Multiple stack-based buffer overflows in the SUN RPC service in CA (formerly Computer Associates) BrightStor ARCserve Media Server, as used in BrightStor ARCserve Backup 9.01 through 11.5 SP2, BrightStor Enterprise Backup 10.5, Server Protection Suite 2, and Business Protection Suite 2, allow remote attackers to execute arbitrary code via malformed RPC strings, a different vulnerability than CVE-2006-5171, CVE-2006-5172, and CVE-2007-1785.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| broadcom | brightstor_arcserve_backup | 9.01 | |
| broadcom | brightstor_arcserve_backup | 11.1 | |
| broadcom | brightstor_arcserve_backup | 11.5 | |
| broadcom | business_protection_suite | 2.0 | |
| broadcom | server_protection_suite | 2 | |
| ca | brightstor_arcserve_backup | 11 | |
| ca | business_protection_suite | 2.0 | |
| ca | business_protection_suite | 2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F52790F8-0D23-47F4-B7F7-6CB0F7B6EA14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:sp2:*:*:*:*:*:*",
"matchCriteriaId": "C689BA77-8B88-4742-9AF1-567E12B92E17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:business_protection_suite:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "328E1C42-488A-43FC-8DF2-758DC73B74AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:server_protection_suite:2:*:*:*:*:*:*:*",
"matchCriteriaId": "A8781759-7B4C-47C3-8A60-8CA5520360C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:*",
"matchCriteriaId": "6E236148-4A57-4FDC-A072-A77D3DD2DB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_sbs_premium:*:*:*:*:*",
"matchCriteriaId": "2429EE00-5359-4C47-A634-8DBC57253266",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_sbs_standard:*:*:*:*:*",
"matchCriteriaId": "F33EE596-0901-4A13-BAA1-1A7C7C16AD27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in the SUN RPC service in CA (formerly Computer Associates) BrightStor ARCserve Media Server, as used in BrightStor ARCserve Backup 9.01 through 11.5 SP2, BrightStor Enterprise Backup 10.5, Server Protection Suite 2, and Business Protection Suite 2, allow remote attackers to execute arbitrary code via malformed RPC strings, a different vulnerability than CVE-2006-5171, CVE-2006-5172, and CVE-2007-1785."
},
{
"lang": "es",
"value": "M\u00faltiple desbordamiento de b\u00fafer basado en pila en el servicio SUN RPC del CA (antiguamente Computer Associates) BrightStor ARCserve Media Server, como el utilizado en el BrightStor ARCserve Backup 9.01 hasta la 11.5 SP2, BrightStor Enterprise Backup 10.5, Server Protection Suite 2 y Business Protection Suite 2, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de cadenas RPC mal formadas. Vulnerabilidad diferente a las CVE-2006-5171, CVE-2006-5172 y CVE-2007-1785."
}
],
"id": "CVE-2007-2139",
"lastModified": "2024-11-21T00:30:00.543",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-04-25T20:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/35326"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/24972"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/2628"
},
{
"source": "cve@mitre.org",
"url": "http://supportconnectw.ca.com/public/storage/infodocs/babmedser-secnotice.asp"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/979825"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/466790/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/23635"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1017952"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1529"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-022.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33854"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/35326"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24972"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2628"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://supportconnectw.ca.com/public/storage/infodocs/babmedser-secnotice.asp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/979825"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/466790/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/23635"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1017952"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1529"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33854"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-10-13 00:17
Modified
2024-11-21 00:37
Severity ?
Summary
Multiple buffer overflows in (1) RPC and (2) rpcx.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| broadcom | brightstor_arcserve_backup | 9.01 | |
| broadcom | brightstor_arcserve_backup | 11.1 | |
| broadcom | brightstor_arcserve_backup | 11.5 | |
| broadcom | brightstor_enterprise_backup | 10.5 | |
| broadcom | business_protection_suite | 2.0 | |
| broadcom | server_protection_suite | 2 | |
| ca | brightstor_arcserve_backup | 11 | |
| ca | business_protection_suite | 2.0 | |
| ca | business_protection_suite | 2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F52790F8-0D23-47F4-B7F7-6CB0F7B6EA14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "477EE032-D183-478F-A2BF-6165277A7414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "78AA54EA-DAF1-4635-AA1B-E2E49C4BB597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:business_protection_suite:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "328E1C42-488A-43FC-8DF2-758DC73B74AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:server_protection_suite:2:*:*:*:*:*:*:*",
"matchCriteriaId": "A8781759-7B4C-47C3-8A60-8CA5520360C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:*",
"matchCriteriaId": "6E236148-4A57-4FDC-A072-A77D3DD2DB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_small_business_server_premium:*:*:*:*:*",
"matchCriteriaId": "1366038C-7552-44C7-BB01-316AA0D088F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_small_business_server_standard:*:*:*:*:*",
"matchCriteriaId": "D24EEBF9-8301-4E8E-8AE1-E41774EDEFD9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in (1) RPC and (2) rpcx.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en (1) RPC y (2) rpcx.dll de CA BrightStor ARCServer BackUp v9.01 hasta R11.5, y Enterprise Backup r10.5, permiten a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2007-5326",
"lastModified": "2024-11-21T00:37:39.493",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-10-13T00:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/41368"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/27192"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-49/advisory/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/26015"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018805"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/3470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/41368"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27192"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-49/advisory/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/26015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018805"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/3470"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-10-14 21:10
Modified
2024-11-21 00:51
Severity ?
Summary
Unspecified vulnerability in the tape engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| broadcom | arcserve_backup | r12.0 | |
| broadcom | business_protection_suite | r2 | |
| broadcom | server_protection_suite | r2 | |
| ca | arcserve_backup | r11.1 | |
| ca | arcserve_backup | r11.5 | |
| ca | business_protection_suite | r2 | |
| ca | business_protection_suite | r2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:arcserve_backup:r12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D6AB3E8F-50D3-41EC-BC2B-CF86FB4801E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:business_protection_suite:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "9389EFCA-4989-4946-A92C-8C54EE9E55B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:server_protection_suite:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "97C8F8E4-C75F-49FF-82AA-295286BA26CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:arcserve_backup:r11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D8713893-59CE-486A-9262-E755A8F2D58C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:arcserve_backup:r11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D8275AC1-81C5-4D9F-A61B-1A908BDDE0F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:r2:*:microsoft_small_business_server_premium:*:*:*:*:*",
"matchCriteriaId": "05B760BC-64EF-4BE1-BBB5-70B9DCC5E74A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:r2:*:microsoft_small_business_server_standard:*:*:*:*:*",
"matchCriteriaId": "19A3DA98-A072-4EE3-8542-A0AF89F9DBCD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the tape engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el servicio de motor de cinta en asdbapi.dll de CA ARCserve Backup (anteriormente BrightStor ARCserve Backup) de r11.1 a r12.0 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) mediante una petici\u00f3n manipulada."
}
],
"id": "CVE-2008-4398",
"lastModified": "2024-11-21T00:51:35.160",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-10-14T21:10:35.707",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32220"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/497218"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/31684"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021032"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45775"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32220"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/497218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/31684"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021032"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45775"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-01-19 00:03
Modified
2024-11-21 00:06
Severity ?
Summary
The DM Primer (dmprimer.exe) in the DM Deployment Common Component in Computer Associates (CA) BrightStor Mobile Backup r4.0, BrightStor ARCserve Backup for Laptops & Desktops r11.0, r11.1, r11.1 SP1, Unicenter Remote Control 6.0, 6.0 SP1, CA Desktop Protection Suite r2, CA Server Protection Suite r2, and CA Business Protection Suite r2 allows remote attackers to cause a denial of service (CPU consumption or application hang) via a large network packet, which causes a WSAEMESGSIZE error code that is not handled, leading to a thread exit.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| broadcom | brightstor_arcserve_backup_laptops_desktops | 11.0 | |
| broadcom | brightstor_arcserve_backup_laptops_desktops | 11.1 | |
| broadcom | brightstor_arcserve_backup_laptops_desktops | 11.1 | |
| broadcom | brightstor_mobile_backup | r4.0 | |
| broadcom | business_protection_suite | 2.0 | |
| broadcom | desktop_protection_suite | 2.0 | |
| broadcom | server_protection_suite | 2 | |
| broadcom | unicenter_remote_control | 5.2 | |
| broadcom | unicenter_remote_control | 6.0 | |
| broadcom | unicenter_remote_control | 6.0 | |
| ca | unicenter_remote_control | 6.0 | |
| ca | unicenter_remote_control | 6.0 | |
| ca | unicenter_remote_control | 6.0_build_6.0.56.3 | |
| ca | unicenter_remote_control | 6.0_build_6.0.74 | |
| ca | unicenter_remote_control | 6.0_build_6.0.74 | |
| ca | unicenter_remote_control | 6.0_build_6.0.74 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB993B2-9A44-40E2-AA05-0CAD04BDC26D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7461AE5-2067-4964-93B7-560CD02CEAC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "9DAE8E8B-7FD6-43CB-B07A-6D3B31E94DC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_mobile_backup:r4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D9448EC1-7527-4CF9-85FC-26F61714E4B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:business_protection_suite:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "328E1C42-488A-43FC-8DF2-758DC73B74AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:desktop_protection_suite:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB698F99-FC87-4D59-9E01-3CE7A57FE0E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:server_protection_suite:2:*:*:*:*:*:*:*",
"matchCriteriaId": "A8781759-7B4C-47C3-8A60-8CA5520360C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:unicenter_remote_control:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B43CE892-50CB-429F-B986-6FD4398A1D71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:unicenter_remote_control:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "53C2C33D-8403-4C75-8A52-713393FE408F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:unicenter_remote_control:6.0:sp1:*:*:*:*:*:*",
"matchCriteriaId": "D293FB82-D21B-4BDD-A511-B994B557032A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:unicenter_remote_control:6.0:sp1:*:en:*:*:*:*",
"matchCriteriaId": "63788A55-F137-4F8A-8FDD-9C0B9881DE1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:unicenter_remote_control:6.0:sp1:*:fr:*:*:*:*",
"matchCriteriaId": "D9AB86C1-ABE7-4DB1-A050-2E54607BF3C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:unicenter_remote_control:6.0_build_6.0.56.3:*:*:en:*:*:*:*",
"matchCriteriaId": "8E01F0FB-C836-4B25-9B40-6D0EEDEDFA74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:unicenter_remote_control:6.0_build_6.0.74:*:*:de:*:*:*:*",
"matchCriteriaId": "C45E9E3A-68D4-46D3-8A56-A07A76F4F7FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:unicenter_remote_control:6.0_build_6.0.74:*:*:en:*:*:*:*",
"matchCriteriaId": "1B36DAA2-B8F5-43A6-B407-5FF718383D4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:unicenter_remote_control:6.0_build_6.0.74:*:*:fr:*:*:*:*",
"matchCriteriaId": "C7F41317-348B-4DD7-917C-46C6E2857E50",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The DM Primer (dmprimer.exe) in the DM Deployment Common Component in Computer Associates (CA) BrightStor Mobile Backup r4.0, BrightStor ARCserve Backup for Laptops \u0026 Desktops r11.0, r11.1, r11.1 SP1, Unicenter Remote Control 6.0, 6.0 SP1, CA Desktop Protection Suite r2, CA Server Protection Suite r2, and CA Business Protection Suite r2 allows remote attackers to cause a denial of service (CPU consumption or application hang) via a large network packet, which causes a WSAEMESGSIZE error code that is not handled, leading to a thread exit."
}
],
"id": "CVE-2006-0306",
"lastModified": "2024-11-21T00:06:09.423",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-01-19T00:03:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18531"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015504"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://supportconnectw.ca.com/public/ca_common_docs/dmdeploysecurity_notice.asp"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory",
"URL Repurposed"
],
"url": "http://www.designfolks.com.au/karma/DMPrimer/"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/22529"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/422381/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/16276"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/0236"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18531"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015504"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://supportconnectw.ca.com/public/ca_common_docs/dmdeploysecurity_notice.asp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory",
"URL Repurposed"
],
"url": "http://www.designfolks.com.au/karma/DMPrimer/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/22529"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/422381/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/16276"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/0236"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33756"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-10-14 21:10
Modified
2024-11-21 00:51
Severity ?
Summary
Unspecified vulnerability in the database engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request, related to "insufficient validation."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| broadcom | arcserve_backup | r12.0 | |
| broadcom | business_protection_suite | r2 | |
| broadcom | server_protection_suite | r2 | |
| ca | arcserve_backup | r11.1 | |
| ca | arcserve_backup | r11.5 | |
| ca | business_protection_suite | r2 | |
| ca | business_protection_suite | r2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:arcserve_backup:r12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D6AB3E8F-50D3-41EC-BC2B-CF86FB4801E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:business_protection_suite:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "9389EFCA-4989-4946-A92C-8C54EE9E55B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:server_protection_suite:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "97C8F8E4-C75F-49FF-82AA-295286BA26CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:arcserve_backup:r11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D8713893-59CE-486A-9262-E755A8F2D58C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:arcserve_backup:r11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D8275AC1-81C5-4D9F-A61B-1A908BDDE0F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:r2:*:microsoft_small_business_server_premium:*:*:*:*:*",
"matchCriteriaId": "05B760BC-64EF-4BE1-BBB5-70B9DCC5E74A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:r2:*:microsoft_small_business_server_standard:*:*:*:*:*",
"matchCriteriaId": "19A3DA98-A072-4EE3-8542-A0AF89F9DBCD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the database engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request, related to \"insufficient validation.\""
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el servicio del motor de la base de datos en asdbapi.dll en CA ARCserve Backup (antes BrightStor ARCserve Backup) vr11.1 hasta vr12.0 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de una petici\u00f3n manipulada, relacionado con \"validaci\u00f3n insuficiente\"."
}
],
"id": "CVE-2008-4399",
"lastModified": "2024-11-21T00:51:35.317",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-10-14T21:10:35.723",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32220"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/497218"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/31684"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021032"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45776"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32220"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/497218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/31684"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021032"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45776"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-05-21 13:24
Modified
2024-11-21 00:46
Severity ?
Summary
Directory traversal vulnerability in caloggerd in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allows remote attackers to append arbitrary data to arbitrary files via directory traversal sequences in unspecified input fields, which are used in log messages. NOTE: this can be leveraged for code execution in many installation environments by writing to a startup file or configuration file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| broadcom | brightstor_arcserve_backup | 11.1 | |
| broadcom | brightstor_arcserve_backup | 11.5 | |
| broadcom | server_protection_suite | 2 | |
| ca | brightstor_arcserve_backup | 11.0 | |
| ca | brightstor_arcserve_backup | r11.0 | |
| ca | business_protection_suite | 2.0 | |
| ca | business_protection_suite | 2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "477EE032-D183-478F-A2BF-6165277A7414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:server_protection_suite:2:*:*:*:*:*:*:*",
"matchCriteriaId": "A8781759-7B4C-47C3-8A60-8CA5520360C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:brightstor_arcserve_backup:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9190C236-0BBF-47CF-94F5-F2408D33C5CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:brightstor_arcserve_backup:r11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1812E8C2-895E-4179-B313-22C8EB527544",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_small_business_server_premium:*:*:*:*:*",
"matchCriteriaId": "1366038C-7552-44C7-BB01-316AA0D088F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_small_business_server_standard:*:*:*:*:*",
"matchCriteriaId": "D24EEBF9-8301-4E8E-8AE1-E41774EDEFD9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in caloggerd in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allows remote attackers to append arbitrary data to arbitrary files via directory traversal sequences in unspecified input fields, which are used in log messages. NOTE: this can be leveraged for code execution in many installation environments by writing to a startup file or configuration file."
},
{
"lang": "es",
"value": "Vulnerabilidad de salto de directorio en caloggerd de BrightStor ARCServe Backup 11.0, 11.1 y 11.5, permite a atacantes remotos a\u00f1adir datos a archivos arbitrariamente a trav\u00e9s de secuencias de salto de directorio en archivos de entrada no especificados, que son utilizados en mensajes de log. NOTA: puede aprovecharse para ejecuci\u00f3n de c\u00f3digo en muchos entornos de instalaci\u00f3n escribiendo en un fichero archivo de inicio o en un archivo de configuraci\u00f3n."
}
],
"id": "CVE-2008-2241",
"lastModified": "2024-11-21T00:46:25.440",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-05-21T13:24:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/30300"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/492266/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/492274/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/29283"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1020043"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/1573/references"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-027/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42524"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30300"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/492266/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/492274/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/29283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020043"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1573/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-027/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42524"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-10-10 04:06
Modified
2024-11-21 00:18
Severity ?
Summary
Multiple buffer overflows in CA BrightStor ARCserve Backup r11.5 SP1 and earlier, r11.1, and 9.01; BrightStor ARCserve Backup for Windows r11; BrightStor Enterprise Backup 10.5; Server Protection Suite r2; and Business Protection Suite r2 allow remote attackers to execute arbitrary code via crafted data on TCP port 6071 to the Backup Agent RPC Server (DBASVR.exe) using the RPC routines with opcode (1) 0x01, (2) 0x02, or (3) 0x18; invalid stub data on TCP port 6503 to the RPC routines with opcode (4) 0x2b or (5) 0x2d in ASCORE.dll in the Message Engine RPC Server (msgeng.exe); (6) a long hostname on TCP port 41523 to ASBRDCST.DLL in the Discovery Service (casdscsvc.exe); or unspecified vectors related to the (7) Job Engine Service.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| broadcom | brightstor_arcserve_backup | * | |
| broadcom | brightstor_arcserve_backup | 9.01 | |
| broadcom | brightstor_arcserve_backup | 11.1 | |
| broadcom | brightstor_enterprise_backup | 10.5 | |
| broadcom | business_protection_suite | 2.0 | |
| broadcom | server_protection_suite | 2 | |
| ca | brightstor_arcserve_backup | 11 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "8745E951-E151-4EB6-86B4-4E8754ADEFE8",
"versionEndIncluding": "11.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F52790F8-0D23-47F4-B7F7-6CB0F7B6EA14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "78AA54EA-DAF1-4635-AA1B-E2E49C4BB597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:business_protection_suite:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "328E1C42-488A-43FC-8DF2-758DC73B74AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:server_protection_suite:2:*:*:*:*:*:*:*",
"matchCriteriaId": "A8781759-7B4C-47C3-8A60-8CA5520360C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:*",
"matchCriteriaId": "6E236148-4A57-4FDC-A072-A77D3DD2DB53",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in CA BrightStor ARCserve Backup r11.5 SP1 and earlier, r11.1, and 9.01; BrightStor ARCserve Backup for Windows r11; BrightStor Enterprise Backup 10.5; Server Protection Suite r2; and Business Protection Suite r2 allow remote attackers to execute arbitrary code via crafted data on TCP port 6071 to the Backup Agent RPC Server (DBASVR.exe) using the RPC routines with opcode (1) 0x01, (2) 0x02, or (3) 0x18; invalid stub data on TCP port 6503 to the RPC routines with opcode (4) 0x2b or (5) 0x2d in ASCORE.dll in the Message Engine RPC Server (msgeng.exe); (6) a long hostname on TCP port 41523 to ASBRDCST.DLL in the Discovery Service (casdscsvc.exe); or unspecified vectors related to the (7) Job Engine Service."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer basado en mont\u00f3n en CA BrightStor ARCserve Backup r11.5 SP1 y anteriores, r11.1, y 9.01; BrightStor ARCServe Backup for Windows r11; BrightStor Enterprise Backup 10.5; Server Protection Suite r2; y Buisiness Protection Suite r2 permiten a un atacante remoto ejecutar c\u00f3digo de su elecci\u00f3n mediante datos manipulados en el puerto TCP 6071 para el Backup Agent RPC Server (DBASVR.exe) utilizando rutinas RPC con c\u00f3digos de operaci\u00f3n (opcode) (1) 0x01, (2) 0x02, y (3) 0x18; datos de cabo (stub) inv\u00e1lidos en el puerto TCP 6503 para las rutinas RPC con c\u00f3digos de operaci\u00f3n (4)0x2b o (5) 0x2d en ASCORE.dll en el Message Engine RPC Server (msgeng.exe); (6) un nombre de anfitri\u00f3n (hostname ) largo en el puerto TCP 41523 para ASBRDCST.DLL en el Discovery Service (casdscsvc.exe); o vectores no especificados relacionados con el (7) Job Engine Service."
}
],
"id": "CVE-2006-5143",
"lastModified": "2024-11-21T00:18:02.560",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-10-10T04:06:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22285"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017003"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017004"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017005"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017006"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basbr-secnotice.asp"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/361792"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/860048"
},
{
"source": "cve@mitre.org",
"url": "http://www.lssec.com/advisories/LS-20060220.pdf"
},
{
"source": "cve@mitre.org",
"url": "http://www.lssec.com/advisories/LS-20060313.pdf"
},
{
"source": "cve@mitre.org",
"url": "http://www.lssec.com/advisories/LS-20060330.pdf"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/447839/100/100/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/447847/100/200/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/447848/100/100/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/447862/100/100/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/447926/100/200/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/447927/100/200/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/447930/100/200/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/20365"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.tippingpoint.com/security/advisories/TSRT-06-11.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/3930"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-030.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-031.html"
},
{
"source": "cve@mitre.org",
"url": "http://www3.ca.com/securityadvisor/blogs/posting.aspx?pid=93775\u0026id=90744"
},
{
"source": "cve@mitre.org",
"url": "http://www3.ca.com/securityadvisor/blogs/posting.aspx?pid=94397\u0026id=90744"
},
{
"source": "cve@mitre.org",
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34693"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29364"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/22285"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017003"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basbr-secnotice.asp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/361792"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/860048"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.lssec.com/advisories/LS-20060220.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.lssec.com/advisories/LS-20060313.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.lssec.com/advisories/LS-20060330.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/447839/100/100/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/447847/100/200/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/447848/100/100/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/447862/100/100/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/447926/100/200/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/447927/100/200/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/447930/100/200/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/20365"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.tippingpoint.com/security/advisories/TSRT-06-11.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2006/3930"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-030.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-031.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www3.ca.com/securityadvisor/blogs/posting.aspx?pid=93775\u0026id=90744"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www3.ca.com/securityadvisor/blogs/posting.aspx?pid=94397\u0026id=90744"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34693"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29364"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-10-14 21:10
Modified
2024-11-21 00:51
Severity ?
Summary
Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a .. (dot dot) in an RPC call with opnum 0x10A.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| broadcom | arcserve_backup | r12.0 | |
| broadcom | business_protection_suite | r2 | |
| broadcom | server_protection_suite | r2 | |
| ca | arcserve_backup | r11.1 | |
| ca | arcserve_backup | r11.5 | |
| ca | business_protection_suite | r2 | |
| ca | business_protection_suite | r2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:arcserve_backup:r12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D6AB3E8F-50D3-41EC-BC2B-CF86FB4801E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:business_protection_suite:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "9389EFCA-4989-4946-A92C-8C54EE9E55B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:server_protection_suite:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "97C8F8E4-C75F-49FF-82AA-295286BA26CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:arcserve_backup:r11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D8713893-59CE-486A-9262-E755A8F2D58C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:arcserve_backup:r11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D8275AC1-81C5-4D9F-A61B-1A908BDDE0F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:r2:*:microsoft_small_business_server_premium:*:*:*:*:*",
"matchCriteriaId": "05B760BC-64EF-4BE1-BBB5-70B9DCC5E74A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:r2:*:microsoft_small_business_server_standard:*:*:*:*:*",
"matchCriteriaId": "19A3DA98-A072-4EE3-8542-A0AF89F9DBCD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a .. (dot dot) in an RPC call with opnum 0x10A."
},
{
"lang": "es",
"value": "Vulnerabilidad de salto de directorio en la interfaz RPC (asdbapi.dll) en CA ARCserve Backup (antes BrightStor ARCserve Backup) vr11.1 hasta vr12.0 permite a atacantes remotos ejecutar comandos de su elecci\u00f3n a trav\u00e9s de .. (punto punto) en una llamada RPC con un opnum 0x10A."
}
],
"id": "CVE-2008-4397",
"lastModified": "2024-11-21T00:51:35.003",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-10-14T21:10:35.677",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32220"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/4412"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/497218"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/497281/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/31684"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021032"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45774"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32220"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/4412"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/497218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/497281/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/31684"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021032"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45774"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-10-14 21:10
Modified
2024-11-21 00:51
Severity ?
Summary
Unspecified vulnerability in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash of multiple services) via crafted authentication credentials, related to "insufficient validation."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| broadcom | arcserve_backup | r12.0 | |
| broadcom | business_protection_suite | r2 | |
| broadcom | server_protection_suite | r2 | |
| ca | arcserve_backup | r11.1 | |
| ca | arcserve_backup | r11.5 | |
| ca | business_protection_suite | r2 | |
| ca | business_protection_suite | r2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:arcserve_backup:r12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D6AB3E8F-50D3-41EC-BC2B-CF86FB4801E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:business_protection_suite:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "9389EFCA-4989-4946-A92C-8C54EE9E55B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:server_protection_suite:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "97C8F8E4-C75F-49FF-82AA-295286BA26CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:arcserve_backup:r11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D8713893-59CE-486A-9262-E755A8F2D58C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:arcserve_backup:r11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D8275AC1-81C5-4D9F-A61B-1A908BDDE0F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:r2:*:microsoft_small_business_server_premium:*:*:*:*:*",
"matchCriteriaId": "05B760BC-64EF-4BE1-BBB5-70B9DCC5E74A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:r2:*:microsoft_small_business_server_standard:*:*:*:*:*",
"matchCriteriaId": "19A3DA98-A072-4EE3-8542-A0AF89F9DBCD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash of multiple services) via crafted authentication credentials, related to \"insufficient validation.\""
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en asdbapi.dll de CA ARCserve Backup (antes llamado BrightStor ARCserve Backup)r11.1 hasta r12.0 permite a un atacante remoto causar una denegaci\u00f3n de servicio (ca\u00edda de varios servicios) por medio de credenciales de autentificaci\u00f3n manipulados, relacionado con una validaci\u00f3n insuficiente."
}
],
"id": "CVE-2008-4400",
"lastModified": "2024-11-21T00:51:35.477",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-10-14T21:10:35.753",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32220"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/497218"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/31684"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021032"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45777"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32220"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/497218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/31684"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021032"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45777"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-12-10 19:28
Modified
2024-11-21 00:22
Severity ?
Summary
Buffer overflow in the BrightStor Backup Discovery Service in multiple CA products, including ARCserve Backup r11.5 SP1 and earlier, ARCserve Backup 9.01 up to 11.1, Enterprise Backup 10.5, and CA Server Protection Suite r2, allows remote attackers to execute arbitrary code via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| broadcom | brightstor_arcserve_backup | 9.01 | |
| broadcom | brightstor_arcserve_backup | 11 | |
| broadcom | brightstor_arcserve_backup | 11.1 | |
| broadcom | brightstor_arcserve_backup | 11.5 | |
| broadcom | brightstor_arcserve_backup | 11.5 | |
| broadcom | brightstor_enterprise_backup | 10.5 | |
| broadcom | server_protection_suite | 2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F52790F8-0D23-47F4-B7F7-6CB0F7B6EA14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11:*:*:*:*:*:*:*",
"matchCriteriaId": "8C339825-77F9-478A-B1F7-A297D5715396",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "477EE032-D183-478F-A2BF-6165277A7414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:sp1:*:*:*:*:*:*",
"matchCriteriaId": "4305BA3B-B302-48EA-A923-EEC762DA42ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "78AA54EA-DAF1-4635-AA1B-E2E49C4BB597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:server_protection_suite:2:*:*:*:*:*:*:*",
"matchCriteriaId": "A8781759-7B4C-47C3-8A60-8CA5520360C5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the BrightStor Backup Discovery Service in multiple CA products, including ARCserve Backup r11.5 SP1 and earlier, ARCserve Backup 9.01 up to 11.1, Enterprise Backup 10.5, and CA Server Protection Suite r2, allows remote attackers to execute arbitrary code via unspecified vectors."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en BrightStor Backup Discovery Service en m\u00faltiples productos CA, incluidos ARCserve Backup r11.5 SP1 y anteriores, ARCserve Backup 9.01 hasta la 11.1, Enterprise Backup 10.5 , y CA Server Protection Suite r2, permite a un atacante remoto ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2006-6379",
"lastModified": "2024-11-21T00:22:32.380",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-12-10T19:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/2010"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017356"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/babsecurity-notice.asp"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/30775"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/453916/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/21502"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/4910"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017356"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/babsecurity-notice.asp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/30775"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/453916/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/21502"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/4910"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30791"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2007-2139
Vulnerability from cvelistv5
Published
2007-04-25 20:00
Modified
2024-08-07 13:23
Severity ?
EPSS score ?
Summary
Multiple stack-based buffer overflows in the SUN RPC service in CA (formerly Computer Associates) BrightStor ARCserve Media Server, as used in BrightStor ARCserve Backup 9.01 through 11.5 SP2, BrightStor Enterprise Backup 10.5, Server Protection Suite 2, and Business Protection Suite 2, allow remote attackers to execute arbitrary code via malformed RPC strings, a different vulnerability than CVE-2006-5171, CVE-2006-5172, and CVE-2007-1785.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securityreason.com/securityalert/2628 | third-party-advisory, x_refsource_SREASON | |
| http://supportconnectw.ca.com/public/storage/infodocs/babmedser-secnotice.asp | x_refsource_CONFIRM | |
| http://www.kb.cert.org/vuls/id/979825 | third-party-advisory, x_refsource_CERT-VN | |
| http://osvdb.org/35326 | vdb-entry, x_refsource_OSVDB | |
| http://secunia.com/advisories/24972 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/33854 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/23635 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/466790/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securitytracker.com/id?1017952 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2007/1529 | vdb-entry, x_refsource_VUPEN | |
| http://www.zerodayinitiative.com/advisories/ZDI-07-022.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:23:50.811Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2628",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2628"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/babmedser-secnotice.asp"
},
{
"name": "VU#979825",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/979825"
},
{
"name": "35326",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35326"
},
{
"name": "24972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24972"
},
{
"name": "brightstor-sun-rpc-bo(33854)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33854"
},
{
"name": "23635",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23635"
},
{
"name": "20070424 ZDI-07-022: CA BrightStor ArcServe Media Server Multiple Buffer Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/466790/100/0/threaded"
},
{
"name": "1017952",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017952"
},
{
"name": "ADV-2007-1529",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1529"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-022.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in the SUN RPC service in CA (formerly Computer Associates) BrightStor ARCserve Media Server, as used in BrightStor ARCserve Backup 9.01 through 11.5 SP2, BrightStor Enterprise Backup 10.5, Server Protection Suite 2, and Business Protection Suite 2, allow remote attackers to execute arbitrary code via malformed RPC strings, a different vulnerability than CVE-2006-5171, CVE-2006-5172, and CVE-2007-1785."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "2628",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2628"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/babmedser-secnotice.asp"
},
{
"name": "VU#979825",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/979825"
},
{
"name": "35326",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35326"
},
{
"name": "24972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24972"
},
{
"name": "brightstor-sun-rpc-bo(33854)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33854"
},
{
"name": "23635",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23635"
},
{
"name": "20070424 ZDI-07-022: CA BrightStor ArcServe Media Server Multiple Buffer Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/466790/100/0/threaded"
},
{
"name": "1017952",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017952"
},
{
"name": "ADV-2007-1529",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1529"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-022.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2139",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in the SUN RPC service in CA (formerly Computer Associates) BrightStor ARCserve Media Server, as used in BrightStor ARCserve Backup 9.01 through 11.5 SP2, BrightStor Enterprise Backup 10.5, Server Protection Suite 2, and Business Protection Suite 2, allow remote attackers to execute arbitrary code via malformed RPC strings, a different vulnerability than CVE-2006-5171, CVE-2006-5172, and CVE-2007-1785."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2628",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2628"
},
{
"name": "http://supportconnectw.ca.com/public/storage/infodocs/babmedser-secnotice.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/storage/infodocs/babmedser-secnotice.asp"
},
{
"name": "VU#979825",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/979825"
},
{
"name": "35326",
"refsource": "OSVDB",
"url": "http://osvdb.org/35326"
},
{
"name": "24972",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24972"
},
{
"name": "brightstor-sun-rpc-bo(33854)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33854"
},
{
"name": "23635",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23635"
},
{
"name": "20070424 ZDI-07-022: CA BrightStor ArcServe Media Server Multiple Buffer Overflow Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/466790/100/0/threaded"
},
{
"name": "1017952",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017952"
},
{
"name": "ADV-2007-1529",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1529"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-07-022.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-022.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2139",
"datePublished": "2007-04-25T20:00:00",
"dateReserved": "2007-04-18T00:00:00",
"dateUpdated": "2024-08-07T13:23:50.811Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-4397
Vulnerability from cvelistv5
Published
2008-10-14 20:00
Modified
2024-08-07 10:17
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a .. (dot dot) in an RPC call with opnum 0x10A.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/31684 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/45774 | vdb-entry, x_refsource_XF | |
| http://www.vupen.com/english/advisories/2008/2777 | vdb-entry, x_refsource_VUPEN | |
| http://www.securitytracker.com/id?1021032 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/archive/1/497281/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/32220 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/archive/1/497218 | mailing-list, x_refsource_BUGTRAQ | |
| http://securityreason.com/securityalert/4412 | third-party-advisory, x_refsource_SREASON |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:17:09.227Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31684",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31684"
},
{
"name": "ca-arcservebackup-message-command-execution(45774)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45774"
},
{
"name": "ADV-2008-2777",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"name": "1021032",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021032"
},
{
"name": "20081011 CA BrightStor ARCServe BackUp Message Engine Remote Command Injection Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/497281/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
},
{
"name": "32220",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32220"
},
{
"name": "20081009 CA ARCserve Backup Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/497218"
},
{
"name": "4412",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4412"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a .. (dot dot) in an RPC call with opnum 0x10A."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "31684",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31684"
},
{
"name": "ca-arcservebackup-message-command-execution(45774)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45774"
},
{
"name": "ADV-2008-2777",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"name": "1021032",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021032"
},
{
"name": "20081011 CA BrightStor ARCServe BackUp Message Engine Remote Command Injection Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/497281/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
},
{
"name": "32220",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32220"
},
{
"name": "20081009 CA ARCserve Backup Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/497218"
},
{
"name": "4412",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4412"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4397",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a .. (dot dot) in an RPC call with opnum 0x10A."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31684",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31684"
},
{
"name": "ca-arcservebackup-message-command-execution(45774)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45774"
},
{
"name": "ADV-2008-2777",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"name": "1021032",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021032"
},
{
"name": "20081011 CA BrightStor ARCServe BackUp Message Engine Remote Command Injection Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497281/100/0/threaded"
},
{
"name": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143",
"refsource": "CONFIRM",
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
},
{
"name": "32220",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32220"
},
{
"name": "20081009 CA ARCserve Backup Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497218"
},
{
"name": "4412",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4412"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4397",
"datePublished": "2008-10-14T20:00:00",
"dateReserved": "2008-10-02T00:00:00",
"dateUpdated": "2024-08-07T10:17:09.227Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-2241
Vulnerability from cvelistv5
Published
2008-05-21 10:00
Modified
2024-08-07 08:58
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in caloggerd in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allows remote attackers to append arbitrary data to arbitrary files via directory traversal sequences in unspecified input fields, which are used in log messages. NOTE: this can be leveraged for code execution in many installation environments by writing to a startup file or configuration file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/29283 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/30300 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.zerodayinitiative.com/advisories/ZDI-08-027/ | x_refsource_MISC | |
| https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798 | x_refsource_CONFIRM | |
| http://www.vupen.com/english/advisories/2008/1573/references | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/archive/1/492266/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/42524 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/archive/1/492274/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securitytracker.com/id?1020043 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:58:00.830Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "29283",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29283"
},
{
"name": "30300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30300"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-027/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798"
},
{
"name": "ADV-2008-1573",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1573/references"
},
{
"name": "20080519 ZDI-08-027: CA BrightStor ARCserve Backup Arbitrary File Writing Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/492266/100/0/threaded"
},
{
"name": "ca-arcservebackup-caloggerd-code-execution(42524)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42524"
},
{
"name": "20080519 CA ARCserve Backup caloggerd and xdr Functions Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/492274/100/0/threaded"
},
{
"name": "1020043",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020043"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-05-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in caloggerd in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allows remote attackers to append arbitrary data to arbitrary files via directory traversal sequences in unspecified input fields, which are used in log messages. NOTE: this can be leveraged for code execution in many installation environments by writing to a startup file or configuration file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "29283",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29283"
},
{
"name": "30300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30300"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-027/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798"
},
{
"name": "ADV-2008-1573",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1573/references"
},
{
"name": "20080519 ZDI-08-027: CA BrightStor ARCserve Backup Arbitrary File Writing Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/492266/100/0/threaded"
},
{
"name": "ca-arcservebackup-caloggerd-code-execution(42524)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42524"
},
{
"name": "20080519 CA ARCserve Backup caloggerd and xdr Functions Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/492274/100/0/threaded"
},
{
"name": "1020043",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020043"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2241",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in caloggerd in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allows remote attackers to append arbitrary data to arbitrary files via directory traversal sequences in unspecified input fields, which are used in log messages. NOTE: this can be leveraged for code execution in many installation environments by writing to a startup file or configuration file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "29283",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29283"
},
{
"name": "30300",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30300"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-08-027/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-027/"
},
{
"name": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798",
"refsource": "CONFIRM",
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798"
},
{
"name": "ADV-2008-1573",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1573/references"
},
{
"name": "20080519 ZDI-08-027: CA BrightStor ARCserve Backup Arbitrary File Writing Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/492266/100/0/threaded"
},
{
"name": "ca-arcservebackup-caloggerd-code-execution(42524)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42524"
},
{
"name": "20080519 CA ARCserve Backup caloggerd and xdr Functions Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/492274/100/0/threaded"
},
{
"name": "1020043",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020043"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-2241",
"datePublished": "2008-05-21T10:00:00",
"dateReserved": "2008-05-16T00:00:00",
"dateUpdated": "2024-08-07T08:58:00.830Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-5326
Vulnerability from cvelistv5
Published
2007-10-13 00:00
Modified
2024-08-07 15:24
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in (1) RPC and (2) rpcx.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/27192 | third-party-advisory, x_refsource_SECUNIA | |
| http://osvdb.org/41368 | vdb-entry, x_refsource_OSVDB | |
| http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp | x_refsource_CONFIRM | |
| http://secunia.com/secunia_research/2007-49/advisory/ | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/482121/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/26015 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id?1018805 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2007/3470 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:24:42.583Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27192",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27192"
},
{
"name": "41368",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/41368"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2007-49/advisory/"
},
{
"name": "20071011 [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"
},
{
"name": "26015",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26015"
},
{
"name": "1018805",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018805"
},
{
"name": "ADV-2007-3470",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3470"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in (1) RPC and (2) rpcx.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27192",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27192"
},
{
"name": "41368",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/41368"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2007-49/advisory/"
},
{
"name": "20071011 [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"
},
{
"name": "26015",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26015"
},
{
"name": "1018805",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018805"
},
{
"name": "ADV-2007-3470",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3470"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5326",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in (1) RPC and (2) rpcx.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27192",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27192"
},
{
"name": "41368",
"refsource": "OSVDB",
"url": "http://osvdb.org/41368"
},
{
"name": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"
},
{
"name": "http://secunia.com/secunia_research/2007-49/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-49/advisory/"
},
{
"name": "20071011 [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"
},
{
"name": "26015",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26015"
},
{
"name": "1018805",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018805"
},
{
"name": "ADV-2007-3470",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3470"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5326",
"datePublished": "2007-10-13T00:00:00",
"dateReserved": "2007-10-10T00:00:00",
"dateUpdated": "2024-08-07T15:24:42.583Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-0306
Vulnerability from cvelistv5
Published
2006-01-19 00:00
Modified
2024-08-07 16:34
Severity ?
EPSS score ?
Summary
The DM Primer (dmprimer.exe) in the DM Deployment Common Component in Computer Associates (CA) BrightStor Mobile Backup r4.0, BrightStor ARCserve Backup for Laptops & Desktops r11.0, r11.1, r11.1 SP1, Unicenter Remote Control 6.0, 6.0 SP1, CA Desktop Protection Suite r2, CA Server Protection Suite r2, and CA Business Protection Suite r2 allows remote attackers to cause a denial of service (CPU consumption or application hang) via a large network packet, which causes a WSAEMESGSIZE error code that is not handled, leading to a thread exit.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.osvdb.org/22529 | vdb-entry, x_refsource_OSVDB | |
| http://www.designfolks.com.au/karma/DMPrimer/ | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/422381/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.vupen.com/english/advisories/2006/0236 | vdb-entry, x_refsource_VUPEN | |
| http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33756 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/18531 | third-party-advisory, x_refsource_SECUNIA | |
| http://supportconnectw.ca.com/public/ca_common_docs/dmdeploysecurity_notice.asp | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/16276 | vdb-entry, x_refsource_BID | |
| http://securitytracker.com/id?1015504 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:34:13.228Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22529",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/22529"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.designfolks.com.au/karma/DMPrimer/"
},
{
"name": "20060118 CAID 33756 - DM Deployment Common Component Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/422381/100/0/threaded"
},
{
"name": "ADV-2006-0236",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0236"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33756"
},
{
"name": "18531",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18531"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://supportconnectw.ca.com/public/ca_common_docs/dmdeploysecurity_notice.asp"
},
{
"name": "16276",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16276"
},
{
"name": "1015504",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015504"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The DM Primer (dmprimer.exe) in the DM Deployment Common Component in Computer Associates (CA) BrightStor Mobile Backup r4.0, BrightStor ARCserve Backup for Laptops \u0026 Desktops r11.0, r11.1, r11.1 SP1, Unicenter Remote Control 6.0, 6.0 SP1, CA Desktop Protection Suite r2, CA Server Protection Suite r2, and CA Business Protection Suite r2 allows remote attackers to cause a denial of service (CPU consumption or application hang) via a large network packet, which causes a WSAEMESGSIZE error code that is not handled, leading to a thread exit."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "22529",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/22529"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.designfolks.com.au/karma/DMPrimer/"
},
{
"name": "20060118 CAID 33756 - DM Deployment Common Component Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/422381/100/0/threaded"
},
{
"name": "ADV-2006-0236",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0236"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33756"
},
{
"name": "18531",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18531"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://supportconnectw.ca.com/public/ca_common_docs/dmdeploysecurity_notice.asp"
},
{
"name": "16276",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16276"
},
{
"name": "1015504",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015504"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0306",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DM Primer (dmprimer.exe) in the DM Deployment Common Component in Computer Associates (CA) BrightStor Mobile Backup r4.0, BrightStor ARCserve Backup for Laptops \u0026 Desktops r11.0, r11.1, r11.1 SP1, Unicenter Remote Control 6.0, 6.0 SP1, CA Desktop Protection Suite r2, CA Server Protection Suite r2, and CA Business Protection Suite r2 allows remote attackers to cause a denial of service (CPU consumption or application hang) via a large network packet, which causes a WSAEMESGSIZE error code that is not handled, leading to a thread exit."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22529",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22529"
},
{
"name": "http://www.designfolks.com.au/karma/DMPrimer/",
"refsource": "MISC",
"url": "http://www.designfolks.com.au/karma/DMPrimer/"
},
{
"name": "20060118 CAID 33756 - DM Deployment Common Component Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/422381/100/0/threaded"
},
{
"name": "ADV-2006-0236",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0236"
},
{
"name": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33756",
"refsource": "CONFIRM",
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33756"
},
{
"name": "18531",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18531"
},
{
"name": "http://supportconnectw.ca.com/public/ca_common_docs/dmdeploysecurity_notice.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/ca_common_docs/dmdeploysecurity_notice.asp"
},
{
"name": "16276",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16276"
},
{
"name": "1015504",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015504"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0306",
"datePublished": "2006-01-19T00:00:00",
"dateReserved": "2006-01-18T00:00:00",
"dateUpdated": "2024-08-07T16:34:13.228Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-4400
Vulnerability from cvelistv5
Published
2008-10-14 20:00
Modified
2024-08-07 10:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash of multiple services) via crafted authentication credentials, related to "insufficient validation."
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/31684 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2008/2777 | vdb-entry, x_refsource_VUPEN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/45777 | vdb-entry, x_refsource_XF | |
| http://www.securitytracker.com/id?1021032 | vdb-entry, x_refsource_SECTRACK | |
| https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/32220 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/archive/1/497218 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:17:09.766Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31684",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31684"
},
{
"name": "ADV-2008-2777",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"name": "ca-arcservebackup-authentication-dos(45777)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45777"
},
{
"name": "1021032",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021032"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
},
{
"name": "32220",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32220"
},
{
"name": "20081009 CA ARCserve Backup Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/497218"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash of multiple services) via crafted authentication credentials, related to \"insufficient validation.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "31684",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31684"
},
{
"name": "ADV-2008-2777",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"name": "ca-arcservebackup-authentication-dos(45777)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45777"
},
{
"name": "1021032",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021032"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
},
{
"name": "32220",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32220"
},
{
"name": "20081009 CA ARCserve Backup Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/497218"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4400",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash of multiple services) via crafted authentication credentials, related to \"insufficient validation.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31684",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31684"
},
{
"name": "ADV-2008-2777",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"name": "ca-arcservebackup-authentication-dos(45777)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45777"
},
{
"name": "1021032",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021032"
},
{
"name": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143",
"refsource": "CONFIRM",
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
},
{
"name": "32220",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32220"
},
{
"name": "20081009 CA ARCserve Backup Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497218"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4400",
"datePublished": "2008-10-14T20:00:00",
"dateReserved": "2008-10-02T00:00:00",
"dateUpdated": "2024-08-07T10:17:09.766Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-0307
Vulnerability from cvelistv5
Published
2006-01-19 00:00
Modified
2024-08-07 16:34
Severity ?
EPSS score ?
Summary
The DM Primer in the DM Deployment Common Component in Computer Associates (CA) BrightStor Mobile Backup r4.0, BrightStor ARCserve Backup for Laptops & Desktops r11.0, r11.1, r11.1 SP1, Unicenter Remote Control 6.0, 6.0 SP1, CA Desktop Protection Suite r2, CA Server Protection Suite r2, and CA Business Protection Suite r2 allows remote attackers to cause a denial of service (CPU consumption and log file consumption) via unspecified "unrecognized network messages" that are not properly handled.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.osvdb.org/22529 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/archive/1/422381/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.vupen.com/english/advisories/2006/0236 | vdb-entry, x_refsource_VUPEN | |
| http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33756 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/18531 | third-party-advisory, x_refsource_SECUNIA | |
| http://supportconnectw.ca.com/public/ca_common_docs/dmdeploysecurity_notice.asp | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/16276 | vdb-entry, x_refsource_BID | |
| http://securitytracker.com/id?1015504 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:34:13.590Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22529",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/22529"
},
{
"name": "20060118 CAID 33756 - DM Deployment Common Component Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/422381/100/0/threaded"
},
{
"name": "ADV-2006-0236",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0236"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33756"
},
{
"name": "18531",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18531"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://supportconnectw.ca.com/public/ca_common_docs/dmdeploysecurity_notice.asp"
},
{
"name": "16276",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16276"
},
{
"name": "1015504",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015504"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-01-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The DM Primer in the DM Deployment Common Component in Computer Associates (CA) BrightStor Mobile Backup r4.0, BrightStor ARCserve Backup for Laptops \u0026 Desktops r11.0, r11.1, r11.1 SP1, Unicenter Remote Control 6.0, 6.0 SP1, CA Desktop Protection Suite r2, CA Server Protection Suite r2, and CA Business Protection Suite r2 allows remote attackers to cause a denial of service (CPU consumption and log file consumption) via unspecified \"unrecognized network messages\" that are not properly handled."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "22529",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/22529"
},
{
"name": "20060118 CAID 33756 - DM Deployment Common Component Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/422381/100/0/threaded"
},
{
"name": "ADV-2006-0236",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0236"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33756"
},
{
"name": "18531",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18531"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://supportconnectw.ca.com/public/ca_common_docs/dmdeploysecurity_notice.asp"
},
{
"name": "16276",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16276"
},
{
"name": "1015504",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015504"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0307",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The DM Primer in the DM Deployment Common Component in Computer Associates (CA) BrightStor Mobile Backup r4.0, BrightStor ARCserve Backup for Laptops \u0026 Desktops r11.0, r11.1, r11.1 SP1, Unicenter Remote Control 6.0, 6.0 SP1, CA Desktop Protection Suite r2, CA Server Protection Suite r2, and CA Business Protection Suite r2 allows remote attackers to cause a denial of service (CPU consumption and log file consumption) via unspecified \"unrecognized network messages\" that are not properly handled."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22529",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22529"
},
{
"name": "20060118 CAID 33756 - DM Deployment Common Component Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/422381/100/0/threaded"
},
{
"name": "ADV-2006-0236",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0236"
},
{
"name": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33756",
"refsource": "CONFIRM",
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33756"
},
{
"name": "18531",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18531"
},
{
"name": "http://supportconnectw.ca.com/public/ca_common_docs/dmdeploysecurity_notice.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/ca_common_docs/dmdeploysecurity_notice.asp"
},
{
"name": "16276",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16276"
},
{
"name": "1015504",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015504"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0307",
"datePublished": "2006-01-19T00:00:00",
"dateReserved": "2006-01-18T00:00:00",
"dateUpdated": "2024-08-07T16:34:13.590Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-5143
Vulnerability from cvelistv5
Published
2006-10-06 20:00
Modified
2024-08-07 19:41
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in CA BrightStor ARCserve Backup r11.5 SP1 and earlier, r11.1, and 9.01; BrightStor ARCserve Backup for Windows r11; BrightStor Enterprise Backup 10.5; Server Protection Suite r2; and Business Protection Suite r2 allow remote attackers to execute arbitrary code via crafted data on TCP port 6071 to the Backup Agent RPC Server (DBASVR.exe) using the RPC routines with opcode (1) 0x01, (2) 0x02, or (3) 0x18; invalid stub data on TCP port 6503 to the RPC routines with opcode (4) 0x2b or (5) 0x2d in ASCORE.dll in the Message Engine RPC Server (msgeng.exe); (6) a long hostname on TCP port 41523 to ASBRDCST.DLL in the Discovery Service (casdscsvc.exe); or unspecified vectors related to the (7) Job Engine Service.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:41:05.212Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20061005 TSRT-06-11: CA Multiple Product DBASVR RPC Server Multiple Buffer Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/447862/100/100/threaded"
},
{
"name": "22285",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22285"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-031.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.lssec.com/advisories/LS-20060330.pdf"
},
{
"name": "ca-dbasvr-rpc-bo(29364)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29364"
},
{
"name": "20061007 LS-20060313 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/447930/100/200/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.lssec.com/advisories/LS-20060313.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34693"
},
{
"name": "VU#361792",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/361792"
},
{
"name": "20061007 LS-20060220 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/447926/100/200/threaded"
},
{
"name": "1017004",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017004"
},
{
"name": "VU#860048",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/860048"
},
{
"name": "ADV-2006-3930",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/3930"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.lssec.com/advisories/LS-20060220.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www3.ca.com/securityadvisor/blogs/posting.aspx?pid=93775\u0026id=90744"
},
{
"name": "20365",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20365"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-030.html"
},
{
"name": "20061005 ZDI-06-030: CA Multiple Product Discovery Service Remote Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/447847/100/200/threaded"
},
{
"name": "20061007 LS-20060330 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/447927/100/200/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.tippingpoint.com/security/advisories/TSRT-06-11.html"
},
{
"name": "1017006",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017006"
},
{
"name": "1017003",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017003"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www3.ca.com/securityadvisor/blogs/posting.aspx?pid=94397\u0026id=90744"
},
{
"name": "1017005",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017005"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basbr-secnotice.asp"
},
{
"name": "20061006 [CAID 34693, 34694]: CA BrightStor ARCserve Backup Multiple Buffer Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/447839/100/100/threaded"
},
{
"name": "20061005 ZDI-06-031: CA Multiple Product Message Engine RPC Server Code Execution Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/447848/100/100/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in CA BrightStor ARCserve Backup r11.5 SP1 and earlier, r11.1, and 9.01; BrightStor ARCserve Backup for Windows r11; BrightStor Enterprise Backup 10.5; Server Protection Suite r2; and Business Protection Suite r2 allow remote attackers to execute arbitrary code via crafted data on TCP port 6071 to the Backup Agent RPC Server (DBASVR.exe) using the RPC routines with opcode (1) 0x01, (2) 0x02, or (3) 0x18; invalid stub data on TCP port 6503 to the RPC routines with opcode (4) 0x2b or (5) 0x2d in ASCORE.dll in the Message Engine RPC Server (msgeng.exe); (6) a long hostname on TCP port 41523 to ASBRDCST.DLL in the Discovery Service (casdscsvc.exe); or unspecified vectors related to the (7) Job Engine Service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20061005 TSRT-06-11: CA Multiple Product DBASVR RPC Server Multiple Buffer Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/447862/100/100/threaded"
},
{
"name": "22285",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22285"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-031.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.lssec.com/advisories/LS-20060330.pdf"
},
{
"name": "ca-dbasvr-rpc-bo(29364)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29364"
},
{
"name": "20061007 LS-20060313 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/447930/100/200/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.lssec.com/advisories/LS-20060313.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34693"
},
{
"name": "VU#361792",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/361792"
},
{
"name": "20061007 LS-20060220 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/447926/100/200/threaded"
},
{
"name": "1017004",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017004"
},
{
"name": "VU#860048",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/860048"
},
{
"name": "ADV-2006-3930",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/3930"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.lssec.com/advisories/LS-20060220.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www3.ca.com/securityadvisor/blogs/posting.aspx?pid=93775\u0026id=90744"
},
{
"name": "20365",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20365"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-030.html"
},
{
"name": "20061005 ZDI-06-030: CA Multiple Product Discovery Service Remote Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/447847/100/200/threaded"
},
{
"name": "20061007 LS-20060330 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/447927/100/200/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.tippingpoint.com/security/advisories/TSRT-06-11.html"
},
{
"name": "1017006",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017006"
},
{
"name": "1017003",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017003"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www3.ca.com/securityadvisor/blogs/posting.aspx?pid=94397\u0026id=90744"
},
{
"name": "1017005",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017005"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basbr-secnotice.asp"
},
{
"name": "20061006 [CAID 34693, 34694]: CA BrightStor ARCserve Backup Multiple Buffer Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/447839/100/100/threaded"
},
{
"name": "20061005 ZDI-06-031: CA Multiple Product Message Engine RPC Server Code Execution Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/447848/100/100/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5143",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in CA BrightStor ARCserve Backup r11.5 SP1 and earlier, r11.1, and 9.01; BrightStor ARCserve Backup for Windows r11; BrightStor Enterprise Backup 10.5; Server Protection Suite r2; and Business Protection Suite r2 allow remote attackers to execute arbitrary code via crafted data on TCP port 6071 to the Backup Agent RPC Server (DBASVR.exe) using the RPC routines with opcode (1) 0x01, (2) 0x02, or (3) 0x18; invalid stub data on TCP port 6503 to the RPC routines with opcode (4) 0x2b or (5) 0x2d in ASCORE.dll in the Message Engine RPC Server (msgeng.exe); (6) a long hostname on TCP port 41523 to ASBRDCST.DLL in the Discovery Service (casdscsvc.exe); or unspecified vectors related to the (7) Job Engine Service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20061005 TSRT-06-11: CA Multiple Product DBASVR RPC Server Multiple Buffer Overflow Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/447862/100/100/threaded"
},
{
"name": "22285",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22285"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-06-031.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-031.html"
},
{
"name": "http://www.lssec.com/advisories/LS-20060330.pdf",
"refsource": "MISC",
"url": "http://www.lssec.com/advisories/LS-20060330.pdf"
},
{
"name": "ca-dbasvr-rpc-bo(29364)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29364"
},
{
"name": "20061007 LS-20060313 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/447930/100/200/threaded"
},
{
"name": "http://www.lssec.com/advisories/LS-20060313.pdf",
"refsource": "MISC",
"url": "http://www.lssec.com/advisories/LS-20060313.pdf"
},
{
"name": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34693",
"refsource": "CONFIRM",
"url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34693"
},
{
"name": "VU#361792",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/361792"
},
{
"name": "20061007 LS-20060220 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/447926/100/200/threaded"
},
{
"name": "1017004",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017004"
},
{
"name": "VU#860048",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/860048"
},
{
"name": "ADV-2006-3930",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/3930"
},
{
"name": "http://www.lssec.com/advisories/LS-20060220.pdf",
"refsource": "MISC",
"url": "http://www.lssec.com/advisories/LS-20060220.pdf"
},
{
"name": "http://www3.ca.com/securityadvisor/blogs/posting.aspx?pid=93775\u0026id=90744",
"refsource": "CONFIRM",
"url": "http://www3.ca.com/securityadvisor/blogs/posting.aspx?pid=93775\u0026id=90744"
},
{
"name": "20365",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20365"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-06-030.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-06-030.html"
},
{
"name": "20061005 ZDI-06-030: CA Multiple Product Discovery Service Remote Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/447847/100/200/threaded"
},
{
"name": "20061007 LS-20060330 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/447927/100/200/threaded"
},
{
"name": "http://www.tippingpoint.com/security/advisories/TSRT-06-11.html",
"refsource": "MISC",
"url": "http://www.tippingpoint.com/security/advisories/TSRT-06-11.html"
},
{
"name": "1017006",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017006"
},
{
"name": "1017003",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017003"
},
{
"name": "http://www3.ca.com/securityadvisor/blogs/posting.aspx?pid=94397\u0026id=90744",
"refsource": "CONFIRM",
"url": "http://www3.ca.com/securityadvisor/blogs/posting.aspx?pid=94397\u0026id=90744"
},
{
"name": "1017005",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017005"
},
{
"name": "http://supportconnectw.ca.com/public/storage/infodocs/basbr-secnotice.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basbr-secnotice.asp"
},
{
"name": "20061006 [CAID 34693, 34694]: CA BrightStor ARCserve Backup Multiple Buffer Overflow Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/447839/100/100/threaded"
},
{
"name": "20061005 ZDI-06-031: CA Multiple Product Message Engine RPC Server Code Execution Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/447848/100/100/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5143",
"datePublished": "2006-10-06T20:00:00",
"dateReserved": "2006-10-02T00:00:00",
"dateUpdated": "2024-08-07T19:41:05.212Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-4398
Vulnerability from cvelistv5
Published
2008-10-14 20:00
Modified
2024-08-07 10:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the tape engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/31684 | vdb-entry, x_refsource_BID | |
| http://www.vupen.com/english/advisories/2008/2777 | vdb-entry, x_refsource_VUPEN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/45775 | vdb-entry, x_refsource_XF | |
| http://www.securitytracker.com/id?1021032 | vdb-entry, x_refsource_SECTRACK | |
| https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/32220 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/archive/1/497218 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:17:09.338Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31684",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31684"
},
{
"name": "ADV-2008-2777",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"name": "ca-arcservebackup-tape-engine-dos(45775)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45775"
},
{
"name": "1021032",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021032"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
},
{
"name": "32220",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32220"
},
{
"name": "20081009 CA ARCserve Backup Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/497218"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the tape engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "31684",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31684"
},
{
"name": "ADV-2008-2777",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"name": "ca-arcservebackup-tape-engine-dos(45775)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45775"
},
{
"name": "1021032",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021032"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
},
{
"name": "32220",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32220"
},
{
"name": "20081009 CA ARCserve Backup Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/497218"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4398",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the tape engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31684",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31684"
},
{
"name": "ADV-2008-2777",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"name": "ca-arcservebackup-tape-engine-dos(45775)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45775"
},
{
"name": "1021032",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021032"
},
{
"name": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143",
"refsource": "CONFIRM",
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
},
{
"name": "32220",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32220"
},
{
"name": "20081009 CA ARCserve Backup Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497218"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4398",
"datePublished": "2008-10-14T20:00:00",
"dateReserved": "2008-10-02T00:00:00",
"dateUpdated": "2024-08-07T10:17:09.338Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-6379
Vulnerability from cvelistv5
Published
2006-12-10 19:00
Modified
2024-08-07 20:26
Severity ?
EPSS score ?
Summary
Buffer overflow in the BrightStor Backup Discovery Service in multiple CA products, including ARCserve Backup r11.5 SP1 and earlier, ARCserve Backup 9.01 up to 11.1, Enterprise Backup 10.5, and CA Server Protection Suite r2, allows remote attackers to execute arbitrary code via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2006/4910 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/archive/1/453916/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/30791 | vdb-entry, x_refsource_XF | |
| http://securitytracker.com/id?1017356 | vdb-entry, x_refsource_SECTRACK | |
| http://securityreason.com/securityalert/2010 | third-party-advisory, x_refsource_SREASON | |
| http://www.osvdb.org/30775 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/21502 | vdb-entry, x_refsource_BID | |
| http://supportconnectw.ca.com/public/storage/infodocs/babsecurity-notice.asp | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:26:46.060Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2006-4910",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4910"
},
{
"name": "20061208 [CAID 34846]: CA BrightStor ARCserve Backup Discovery Service Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/453916/100/0/threaded"
},
{
"name": "brightstor-arcserv-discovery-bo(30791)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30791"
},
{
"name": "1017356",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017356"
},
{
"name": "2010",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2010"
},
{
"name": "30775",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/30775"
},
{
"name": "21502",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21502"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/babsecurity-notice.asp"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the BrightStor Backup Discovery Service in multiple CA products, including ARCserve Backup r11.5 SP1 and earlier, ARCserve Backup 9.01 up to 11.1, Enterprise Backup 10.5, and CA Server Protection Suite r2, allows remote attackers to execute arbitrary code via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2006-4910",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4910"
},
{
"name": "20061208 [CAID 34846]: CA BrightStor ARCserve Backup Discovery Service Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/453916/100/0/threaded"
},
{
"name": "brightstor-arcserv-discovery-bo(30791)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30791"
},
{
"name": "1017356",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017356"
},
{
"name": "2010",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2010"
},
{
"name": "30775",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/30775"
},
{
"name": "21502",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21502"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/babsecurity-notice.asp"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6379",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the BrightStor Backup Discovery Service in multiple CA products, including ARCserve Backup r11.5 SP1 and earlier, ARCserve Backup 9.01 up to 11.1, Enterprise Backup 10.5, and CA Server Protection Suite r2, allows remote attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-4910",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4910"
},
{
"name": "20061208 [CAID 34846]: CA BrightStor ARCserve Backup Discovery Service Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/453916/100/0/threaded"
},
{
"name": "brightstor-arcserv-discovery-bo(30791)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30791"
},
{
"name": "1017356",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017356"
},
{
"name": "2010",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2010"
},
{
"name": "30775",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/30775"
},
{
"name": "21502",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21502"
},
{
"name": "http://supportconnectw.ca.com/public/storage/infodocs/babsecurity-notice.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/storage/infodocs/babsecurity-notice.asp"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6379",
"datePublished": "2006-12-10T19:00:00",
"dateReserved": "2006-12-07T00:00:00",
"dateUpdated": "2024-08-07T20:26:46.060Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-4399
Vulnerability from cvelistv5
Published
2008-10-14 20:00
Modified
2024-08-07 10:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the database engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request, related to "insufficient validation."
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/31684 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/45776 | vdb-entry, x_refsource_XF | |
| http://www.vupen.com/english/advisories/2008/2777 | vdb-entry, x_refsource_VUPEN | |
| http://www.securitytracker.com/id?1021032 | vdb-entry, x_refsource_SECTRACK | |
| https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/32220 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/archive/1/497218 | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:17:09.192Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31684",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31684"
},
{
"name": "ca-arcservebackup-database-engine-dos(45776)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45776"
},
{
"name": "ADV-2008-2777",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"name": "1021032",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021032"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
},
{
"name": "32220",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32220"
},
{
"name": "20081009 CA ARCserve Backup Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/497218"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the database engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request, related to \"insufficient validation.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "31684",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31684"
},
{
"name": "ca-arcservebackup-database-engine-dos(45776)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45776"
},
{
"name": "ADV-2008-2777",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"name": "1021032",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021032"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
},
{
"name": "32220",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32220"
},
{
"name": "20081009 CA ARCserve Backup Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/497218"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4399",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the database engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request, related to \"insufficient validation.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31684",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31684"
},
{
"name": "ca-arcservebackup-database-engine-dos(45776)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45776"
},
{
"name": "ADV-2008-2777",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"name": "1021032",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021032"
},
{
"name": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143",
"refsource": "CONFIRM",
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
},
{
"name": "32220",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32220"
},
{
"name": "20081009 CA ARCserve Backup Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497218"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4399",
"datePublished": "2008-10-14T20:00:00",
"dateReserved": "2008-10-02T00:00:00",
"dateUpdated": "2024-08-07T10:17:09.192Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-5331
Vulnerability from cvelistv5
Published
2007-10-13 00:00
Modified
2024-08-07 15:24
Severity ?
EPSS score ?
Summary
Queue.dll for the message queuing service (LQserver.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a malformed ONRPC protocol request for operation 0x76, which causes ARCserve Backup to dereference arbitrary pointers.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/27192 | third-party-advisory, x_refsource_SECUNIA | |
| http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/24680 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/482114/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/archive/1/482121/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://research.eeye.com/html/advisories/published/AD20071011.html | third-party-advisory, x_refsource_EEYE | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/37071 | vdb-entry, x_refsource_XF | |
| http://www.securitytracker.com/id?1018805 | vdb-entry, x_refsource_SECTRACK | |
| http://osvdb.org/41371 | vdb-entry, x_refsource_OSVDB | |
| http://www.vupen.com/english/advisories/2007/3470 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:24:42.443Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27192",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27192"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"
},
{
"name": "24680",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24680"
},
{
"name": "20071011 EEYE: CA BrightStor ArcServe Backup Server Arbitrary Pointer Dereference",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/482114/100/0/threaded"
},
{
"name": "20071011 [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"
},
{
"name": "AD20071011",
"tags": [
"third-party-advisory",
"x_refsource_EEYE",
"x_transferred"
],
"url": "http://research.eeye.com/html/advisories/published/AD20071011.html"
},
{
"name": "ca-brightstor-lqserver-code-execution(37071)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37071"
},
{
"name": "1018805",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018805"
},
{
"name": "41371",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/41371"
},
{
"name": "ADV-2007-3470",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3470"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Queue.dll for the message queuing service (LQserver.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a malformed ONRPC protocol request for operation 0x76, which causes ARCserve Backup to dereference arbitrary pointers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27192",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27192"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"
},
{
"name": "24680",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24680"
},
{
"name": "20071011 EEYE: CA BrightStor ArcServe Backup Server Arbitrary Pointer Dereference",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/482114/100/0/threaded"
},
{
"name": "20071011 [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"
},
{
"name": "AD20071011",
"tags": [
"third-party-advisory",
"x_refsource_EEYE"
],
"url": "http://research.eeye.com/html/advisories/published/AD20071011.html"
},
{
"name": "ca-brightstor-lqserver-code-execution(37071)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37071"
},
{
"name": "1018805",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018805"
},
{
"name": "41371",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/41371"
},
{
"name": "ADV-2007-3470",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3470"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5331",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Queue.dll for the message queuing service (LQserver.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a malformed ONRPC protocol request for operation 0x76, which causes ARCserve Backup to dereference arbitrary pointers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27192",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27192"
},
{
"name": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"
},
{
"name": "24680",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24680"
},
{
"name": "20071011 EEYE: CA BrightStor ArcServe Backup Server Arbitrary Pointer Dereference",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/482114/100/0/threaded"
},
{
"name": "20071011 [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"
},
{
"name": "AD20071011",
"refsource": "EEYE",
"url": "http://research.eeye.com/html/advisories/published/AD20071011.html"
},
{
"name": "ca-brightstor-lqserver-code-execution(37071)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37071"
},
{
"name": "1018805",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018805"
},
{
"name": "41371",
"refsource": "OSVDB",
"url": "http://osvdb.org/41371"
},
{
"name": "ADV-2007-3470",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3470"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5331",
"datePublished": "2007-10-13T00:00:00",
"dateReserved": "2007-10-10T00:00:00",
"dateUpdated": "2024-08-07T15:24:42.443Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-5329
Vulnerability from cvelistv5
Published
2007-10-13 00:00
Modified
2024-08-07 15:24
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in dbasvr in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, has unknown impact and attack vectors related to memory corruption.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/27192 | third-party-advisory, x_refsource_SECUNIA | |
| http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/37068 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/archive/1/482121/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://osvdb.org/41372 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/26015 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id?1018805 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2007/3470 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:24:42.473Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27192",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27192"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"
},
{
"name": "ca-brightstor-dbasvr-code-execution(37068)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37068"
},
{
"name": "20071011 [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"
},
{
"name": "41372",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/41372"
},
{
"name": "26015",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26015"
},
{
"name": "1018805",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018805"
},
{
"name": "ADV-2007-3470",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3470"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in dbasvr in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, has unknown impact and attack vectors related to memory corruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27192",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27192"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"
},
{
"name": "ca-brightstor-dbasvr-code-execution(37068)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37068"
},
{
"name": "20071011 [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"
},
{
"name": "41372",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/41372"
},
{
"name": "26015",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26015"
},
{
"name": "1018805",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018805"
},
{
"name": "ADV-2007-3470",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3470"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5329",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in dbasvr in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, has unknown impact and attack vectors related to memory corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27192",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27192"
},
{
"name": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"
},
{
"name": "ca-brightstor-dbasvr-code-execution(37068)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37068"
},
{
"name": "20071011 [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"
},
{
"name": "41372",
"refsource": "OSVDB",
"url": "http://osvdb.org/41372"
},
{
"name": "26015",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26015"
},
{
"name": "1018805",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018805"
},
{
"name": "ADV-2007-3470",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3470"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5329",
"datePublished": "2007-10-13T00:00:00",
"dateReserved": "2007-10-10T00:00:00",
"dateUpdated": "2024-08-07T15:24:42.473Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}