cvelistv5 - cve-2008-2242

CVE-2008-2242 (GCVE-0-2008-2242)

Vulnerability from cvelistv5 – Published: 2008-05-21 10:00 – Updated: 2024-08-07 08:58

Summary

Multiple buffer overflows in xdr functions in the server in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allow remote attackers to execute arbitrary code, as demonstrated by a stack-based buffer overflow via a long parameter to the xdr_rwsstring function.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.zerodayinitiative.com/advisories/ZDI-08-026/	x_refsource_MISC
	http://www.securityfocus.com/bid/29283	vdb-entryx_refsource_BID
	http://secunia.com/advisories/30300	third-party-advisoryx_refsource_SECUNIA
	https://support.ca.com/irj/portal/anonymous/phpsu…	x_refsource_CONFIRM
	http://www.securityfocus.com/archive/1/492291/100…	mailing-listx_refsource_BUGTRAQ
	http://www.vupen.com/english/advisories/2008/1573…	vdb-entryx_refsource_VUPEN
	http://www.securitytracker.com/id?1020044	vdb-entryx_refsource_SECTRACK
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securityfocus.com/archive/1/492274/100…	mailing-listx_refsource_BUGTRAQ

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T08:58:01.579Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-026/"
          },
          {
            "name": "29283",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/29283"
          },
          {
            "name": "30300",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30300"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798"
          },
          {
            "name": "20080519 ZDI-08-026: CA BrightStor ARCserve Backup Remote Buffer Overflow",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/492291/100/0/threaded"
          },
          {
            "name": "ADV-2008-1573",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1573/references"
          },
          {
            "name": "1020044",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1020044"
          },
          {
            "name": "ca-arcservebackup-xdrrwsstring-bo(42527)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42527"
          },
          {
            "name": "20080519 CA ARCserve Backup caloggerd and xdr Functions Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/492274/100/0/threaded"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-05-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple buffer overflows in xdr functions in the server in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allow remote attackers to execute arbitrary code, as demonstrated by a stack-based buffer overflow via a long parameter to the xdr_rwsstring function."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-11T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-026/"
        },
        {
          "name": "29283",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/29283"
        },
        {
          "name": "30300",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30300"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798"
        },
        {
          "name": "20080519 ZDI-08-026: CA BrightStor ARCserve Backup Remote Buffer Overflow",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/492291/100/0/threaded"
        },
        {
          "name": "ADV-2008-1573",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1573/references"
        },
        {
          "name": "1020044",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1020044"
        },
        {
          "name": "ca-arcservebackup-xdrrwsstring-bo(42527)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42527"
        },
        {
          "name": "20080519 CA ARCserve Backup caloggerd and xdr Functions Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/492274/100/0/threaded"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-2242",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple buffer overflows in xdr functions in the server in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allow remote attackers to execute arbitrary code, as demonstrated by a stack-based buffer overflow via a long parameter to the xdr_rwsstring function."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-08-026/",
              "refsource": "MISC",
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-026/"
            },
            {
              "name": "29283",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/29283"
            },
            {
              "name": "30300",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30300"
            },
            {
              "name": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798",
              "refsource": "CONFIRM",
              "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798"
            },
            {
              "name": "20080519 ZDI-08-026: CA BrightStor ARCserve Backup Remote Buffer Overflow",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/492291/100/0/threaded"
            },
            {
              "name": "ADV-2008-1573",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1573/references"
            },
            {
              "name": "1020044",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1020044"
            },
            {
              "name": "ca-arcservebackup-xdrrwsstring-bo(42527)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42527"
            },
            {
              "name": "20080519 CA ARCserve Backup caloggerd and xdr Functions Vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/492274/100/0/threaded"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-2242",
    "datePublished": "2008-05-21T10:00:00",
    "dateReserved": "2008-05-16T00:00:00",
    "dateUpdated": "2024-08-07T08:58:01.579Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E37161BE-6AF5-40E0-BD63-2C17431D8B36\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"477EE032-D183-478F-A2BF-6165277A7414\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ca:brightstor_arcserve_backup:11.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9190C236-0BBF-47CF-94F5-F2408D33C5CD\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Multiple buffer overflows in xdr functions in the server in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allow remote attackers to execute arbitrary code, as demonstrated by a stack-based buffer overflow via a long parameter to the xdr_rwsstring function.\"}, {\"lang\": \"es\", \"value\": \"M\\u00faltiples desbordamientos de buffer de las funciones xdr en el servidor de CA BrightStor ARCServe Backup 11.0, 11.1 y 11.5, permiten a atacantes remotos ejecutar c\\u00f3digo arbitrariamente, tal y como se ha demostrado mediante un desbordamiento de b\\u00fafer basado en pila a trav\\u00e9s de un par\\u00e1metro largo de la funci\\u00f3n xdr_rwsstring.\"}]",
      "id": "CVE-2008-2242",
      "lastModified": "2024-11-21T00:46:25.593",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2008-05-21T13:24:00.000",
      "references": "[{\"url\": \"http://secunia.com/advisories/30300\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/archive/1/492274/100/0/threaded\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/archive/1/492291/100/0/threaded\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/29283\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.securitytracker.com/id?1020044\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1573/references\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.zerodayinitiative.com/advisories/ZDI-08-026/\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/42527\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/30300\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/492274/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/archive/1/492291/100/0/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/29283\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"http://www.securitytracker.com/id?1020044\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/1573/references\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.zerodayinitiative.com/advisories/ZDI-08-026/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/42527\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2008-2242\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2008-05-21T13:24:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple buffer overflows in xdr functions in the server in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allow remote attackers to execute arbitrary code, as demonstrated by a stack-based buffer overflow via a long parameter to the xdr_rwsstring function.\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples desbordamientos de buffer de las funciones xdr en el servidor de CA BrightStor ARCServe Backup 11.0, 11.1 y 11.5, permiten a atacantes remotos ejecutar c\u00f3digo arbitrariamente, tal y como se ha demostrado mediante un desbordamiento de b\u00fafer basado en pila a trav\u00e9s de un par\u00e1metro largo de la funci\u00f3n xdr_rwsstring.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E37161BE-6AF5-40E0-BD63-2C17431D8B36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"477EE032-D183-478F-A2BF-6165277A7414\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ca:brightstor_arcserve_backup:11.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9190C236-0BBF-47CF-94F5-F2408D33C5CD\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/30300\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/492274/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/archive/1/492291/100/0/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/29283\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securitytracker.com/id?1020044\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/1573/references\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.zerodayinitiative.com/advisories/ZDI-08-026/\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/42527\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/30300\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/492274/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/archive/1/492291/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/29283\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securitytracker.com/id?1020044\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2008/1573/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.zerodayinitiative.com/advisories/ZDI-08-026/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/42527\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

FKIE_CVE-2008-2242

Vulnerability from fkie_nvd - Published: 2008-05-21 13:24 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/30300
cve@mitre.org	http://www.securityfocus.com/archive/1/492274/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/492291/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/29283	Patch
cve@mitre.org	http://www.securitytracker.com/id?1020044
cve@mitre.org	http://www.vupen.com/english/advisories/2008/1573/references
cve@mitre.org	http://www.zerodayinitiative.com/advisories/ZDI-08-026/
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/42527
cve@mitre.org	https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30300
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/492274/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/492291/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/29283	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1020044
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1573/references
af854a3a-2127-422b-91ae-364da2661108	http://www.zerodayinitiative.com/advisories/ZDI-08-026/
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/42527
af854a3a-2127-422b-91ae-364da2661108	https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798

Impacted products

Vendor	Product	Version
broadcom	brightstor_arcserve_backup	11.1
broadcom	brightstor_arcserve_backup	11.5
ca	brightstor_arcserve_backup	11.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "477EE032-D183-478F-A2BF-6165277A7414",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ca:brightstor_arcserve_backup:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9190C236-0BBF-47CF-94F5-F2408D33C5CD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple buffer overflows in xdr functions in the server in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allow remote attackers to execute arbitrary code, as demonstrated by a stack-based buffer overflow via a long parameter to the xdr_rwsstring function."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos de buffer de las funciones xdr en el servidor de CA BrightStor ARCServe Backup 11.0, 11.1 y 11.5, permiten a atacantes remotos ejecutar c\u00f3digo arbitrariamente, tal y como se ha demostrado mediante un desbordamiento de b\u00fafer basado en pila a trav\u00e9s de un par\u00e1metro largo de la funci\u00f3n xdr_rwsstring."
    }
  ],
  "id": "CVE-2008-2242",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-05-21T13:24:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/30300"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/492274/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/492291/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/29283"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1020044"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/1573/references"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-026/"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42527"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/30300"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/492274/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/492291/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/29283"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020044"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1573/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-026/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42527"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2008-2242

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

Aliases

CVE-2008-2242

Aliases

CVE-2008-2242

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-2242",
    "description": "Multiple buffer overflows in xdr functions in the server in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allow remote attackers to execute arbitrary code, as demonstrated by a stack-based buffer overflow via a long parameter to the xdr_rwsstring function.",
    "id": "GSD-2008-2242"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-2242"
      ],
      "details": "Multiple buffer overflows in xdr functions in the server in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allow remote attackers to execute arbitrary code, as demonstrated by a stack-based buffer overflow via a long parameter to the xdr_rwsstring function.",
      "id": "GSD-2008-2242",
      "modified": "2023-12-13T01:23:00.321046Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2008-2242",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Multiple buffer overflows in xdr functions in the server in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allow remote attackers to execute arbitrary code, as demonstrated by a stack-based buffer overflow via a long parameter to the xdr_rwsstring function."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.zerodayinitiative.com/advisories/ZDI-08-026/",
            "refsource": "MISC",
            "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-026/"
          },
          {
            "name": "29283",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/29283"
          },
          {
            "name": "30300",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/30300"
          },
          {
            "name": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798",
            "refsource": "CONFIRM",
            "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798"
          },
          {
            "name": "20080519 ZDI-08-026: CA BrightStor ARCserve Backup Remote Buffer Overflow",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/492291/100/0/threaded"
          },
          {
            "name": "ADV-2008-1573",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/1573/references"
          },
          {
            "name": "1020044",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1020044"
          },
          {
            "name": "ca-arcservebackup-xdrrwsstring-bo(42527)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42527"
          },
          {
            "name": "20080519 CA ARCserve Backup caloggerd and xdr Functions Vulnerabilities",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/492274/100/0/threaded"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:ca:brightstor_arcserve_backup:11.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-2242"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Multiple buffer overflows in xdr functions in the server in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allow remote attackers to execute arbitrary code, as demonstrated by a stack-based buffer overflow via a long parameter to the xdr_rwsstring function."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.zerodayinitiative.com/advisories/ZDI-08-026/",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-026/"
            },
            {
              "name": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798"
            },
            {
              "name": "29283",
              "refsource": "BID",
              "tags": [
                "Patch"
              ],
              "url": "http://www.securityfocus.com/bid/29283"
            },
            {
              "name": "30300",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/30300"
            },
            {
              "name": "1020044",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1020044"
            },
            {
              "name": "ADV-2008-1573",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2008/1573/references"
            },
            {
              "name": "ca-arcservebackup-xdrrwsstring-bo(42527)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42527"
            },
            {
              "name": "20080519 ZDI-08-026: CA BrightStor ARCserve Backup Remote Buffer Overflow",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/492291/100/0/threaded"
            },
            {
              "name": "20080519 CA ARCserve Backup caloggerd and xdr Functions Vulnerabilities",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/492274/100/0/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2021-04-07T18:14Z",
      "publishedDate": "2008-05-21T13:24Z"
    }
  }
}

GHSA-MFQC-H8GP-97W2

Vulnerability from github – Published: 2022-05-01 23:47 – Updated: 2025-04-09 03:54

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-2242"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-05-21T13:24:00Z",
    "severity": "HIGH"
  },
  "details": "Multiple buffer overflows in xdr functions in the server in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allow remote attackers to execute arbitrary code, as demonstrated by a stack-based buffer overflow via a long parameter to the xdr_rwsstring function.",
  "id": "GHSA-mfqc-h8gp-97w2",
  "modified": "2025-04-09T03:54:48Z",
  "published": "2022-05-01T23:47:58Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2242"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42527"
    },
    {
      "type": "WEB",
      "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/30300"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/492274/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/492291/100/0/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/29283"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1020044"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/1573/references"
    },
    {
      "type": "WEB",
      "url": "http://www.zerodayinitiative.com/advisories/ZDI-08-026"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CERTA-2008-AVI-258

Vulnerability from certfr_avis - Published: - Updated:

Deux vulnérabilités dans CA ARCserve Backup permettent à une personne malintentionnée distante de réaliser un déni de service ou d'exécuter du code arbitraire.

Description

Deux vulnérabilités ont été identifiées dans CA ARCserve Backup. La première est due à une mauvaise vérification de chemin par le service de journalisation caloggerd, ce qui permet à une personne malintentionnée d'ajouter des données à des fichiers arbitraires. La deuxième vulnérabilité est due à un débordement de mémoire ce qui permet à une personne malintentionnée d'exécuter du code arbitraire.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	N/A	CA Server Protection Suite r2 ;
N/A	N/A	CA ARCserve Backup r11.1 ;
Cisco	N/A	CA ARCserve Backup r11.5 ;
Cisco	N/A	CA ARCserve Backup r11.0 ;
Cisco	Small Business	CA Business Protection Suite for Microsoft Small Business Server Standard Edition r2 ;
Cisco	Small Business	CA Business Protection Suite for Microsoft Small Business Server Premium Edition r2.
Cisco	N/A	CA Business Protection Suite r2 ;

References

Title

Publication Time

Tags

Bulletin de sécurité CA #17698 du 19 mai 2008	None	vendor-advisory
Bulletin de sécurité CA #176798 du 19 mai 2008 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "CA Server Protection Suite r2 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "CA ARCserve Backup r11.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "CA ARCserve Backup r11.5 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "CA ARCserve Backup r11.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "CA Business Protection Suite for Microsoft Small Business Server Standard Edition r2 ;",
      "product": {
        "name": "Small Business",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "CA Business Protection Suite for Microsoft Small Business Server Premium Edition r2.",
      "product": {
        "name": "Small Business",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "CA Business Protection Suite r2 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDeux vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans CA ARCserve Backup. La\npremi\u00e8re est due \u00e0 une mauvaise v\u00e9rification de chemin par le service de\njournalisation caloggerd, ce qui permet \u00e0 une personne malintentionn\u00e9e\nd\u0027ajouter des donn\u00e9es \u00e0 des fichiers arbitraires. La deuxi\u00e8me\nvuln\u00e9rabilit\u00e9 est due \u00e0 un d\u00e9bordement de m\u00e9moire ce qui permet \u00e0 une\npersonne malintentionn\u00e9e d\u0027ex\u00e9cuter du code arbitraire.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-2241",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2241"
    },
    {
      "name": "CVE-2008-2242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2242"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 CA #176798 du 19 mai 2008 :",
      "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798"
    }
  ],
  "reference": "CERTA-2008-AVI-258",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-05-21T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Deux vuln\u00e9rabilit\u00e9s dans \u003cspan class=\"textit\"\u003eCA ARCserve Backup\u003c/span\u003e\npermettent \u00e0 une personne malintentionn\u00e9e distante de r\u00e9aliser un d\u00e9ni\nde service ou d\u0027ex\u00e9cuter du code arbitraire.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans CA ARCserve Backup",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 CA #17698 du 19 mai 2008",
      "url": null
    }
  ]
}

CERTA-2008-AVI-258

Vulnerability from certfr_avis - Published: - Updated:

Deux vulnérabilités dans CA ARCserve Backup permettent à une personne malintentionnée distante de réaliser un déni de service ou d'exécuter du code arbitraire.

Description

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	N/A	CA Server Protection Suite r2 ;
N/A	N/A	CA ARCserve Backup r11.1 ;
Cisco	N/A	CA ARCserve Backup r11.5 ;
Cisco	N/A	CA ARCserve Backup r11.0 ;
Cisco	Small Business	CA Business Protection Suite for Microsoft Small Business Server Standard Edition r2 ;
Cisco	Small Business	CA Business Protection Suite for Microsoft Small Business Server Premium Edition r2.
Cisco	N/A	CA Business Protection Suite r2 ;

References

Title

Publication Time

Tags

Bulletin de sécurité CA #17698 du 19 mai 2008	None	vendor-advisory
Bulletin de sécurité CA #176798 du 19 mai 2008 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "CA Server Protection Suite r2 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "CA ARCserve Backup r11.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "CA ARCserve Backup r11.5 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "CA ARCserve Backup r11.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "CA Business Protection Suite for Microsoft Small Business Server Standard Edition r2 ;",
      "product": {
        "name": "Small Business",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "CA Business Protection Suite for Microsoft Small Business Server Premium Edition r2.",
      "product": {
        "name": "Small Business",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "CA Business Protection Suite r2 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nDeux vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans CA ARCserve Backup. La\npremi\u00e8re est due \u00e0 une mauvaise v\u00e9rification de chemin par le service de\njournalisation caloggerd, ce qui permet \u00e0 une personne malintentionn\u00e9e\nd\u0027ajouter des donn\u00e9es \u00e0 des fichiers arbitraires. La deuxi\u00e8me\nvuln\u00e9rabilit\u00e9 est due \u00e0 un d\u00e9bordement de m\u00e9moire ce qui permet \u00e0 une\npersonne malintentionn\u00e9e d\u0027ex\u00e9cuter du code arbitraire.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2008-2241",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2241"
    },
    {
      "name": "CVE-2008-2242",
      "url": "https://www.cve.org/CVERecord?id=CVE-2008-2242"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 CA #176798 du 19 mai 2008 :",
      "url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798"
    }
  ],
  "reference": "CERTA-2008-AVI-258",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2008-05-21T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Deux vuln\u00e9rabilit\u00e9s dans \u003cspan class=\"textit\"\u003eCA ARCserve Backup\u003c/span\u003e\npermettent \u00e0 une personne malintentionn\u00e9e distante de r\u00e9aliser un d\u00e9ni\nde service ou d\u0027ex\u00e9cuter du code arbitraire.\n",
  "title": "Vuln\u00e9rabilit\u00e9s dans CA ARCserve Backup",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 CA #17698 du 19 mai 2008",
      "url": null
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2008-2242 (GCVE-0-2008-2242)

FKIE_CVE-2008-2242

GSD-2008-2242

GHSA-MFQC-H8GP-97W2

CERTA-2008-AVI-258

Description

Solution

CERTA-2008-AVI-258

Description

Solution

Tags

Sightings

Nomenclature