jvndb-2008-001779
Vulnerability from jvndb
Published
2008-10-30 12:20
Modified
2008-10-30 12:20
Severity ?
() - -
Summary
CA ARCserver Backup and CA ARCserve Backup Client Agent Denial of Service (DoS) Vulnerability
Details
CA ARCserve Backup and CA ARCserve Backup Client Agent fail to properly handle packets with a large integer value used in an increment to TCP port 41523, which leads to a denial of service (DoS).
References
CVE http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1979
NVD http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-1979
SECUNIA http://secunia.com/advisories/29855
BID http://www.securityfocus.com/bid/28927
SECTRACK http://www.securitytracker.com/id?1020324
FRSIRT http://www.frsirt.com/english/advisories/2008/1354
JVNDB_Ja http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001779.html
Numeric Errors(CWE-189) https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html
Impacted products
CA TechnologiesCA ARCserve Backup
CA TechnologiesCA Business Protection Suite
CA TechnologiesCA Server Protection Suite
Hitachi, LtdCA ARCserve Backup
Hitachi, LtdBrightStor ARCserve Backup
Show details on JVN DB website

To clipboard 

{
  "@rdf:about": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-001779.html",
  "dc:date": "2008-10-30T12:20+09:00",
  "dcterms:issued": "2008-10-30T12:20+09:00",
  "dcterms:modified": "2008-10-30T12:20+09:00",
  "description": "CA ARCserve Backup and CA ARCserve Backup Client Agent fail to properly handle packets with a large integer value used in an increment to TCP port 41523, which leads to a denial of service (DoS).",
  "link": "https://jvndb.jvn.jp/en/contents/2008/JVNDB-2008-001779.html",
  "sec:cpe": [
    {
      "#text": "cpe:/a:ca:arcserve_backup",
      "@product": "CA ARCserve Backup",
      "@vendor": "CA Technologies",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:ca:business_protection_suite",
      "@product": "CA Business Protection Suite",
      "@vendor": "CA Technologies",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:ca:server_protection_suite",
      "@product": "CA Server Protection Suite",
      "@vendor": "CA Technologies",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:arcserve_backup",
      "@product": "CA ARCserve Backup",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    },
    {
      "#text": "cpe:/a:hitachi:brightstor_arcserve_backup",
      "@product": "BrightStor ARCserve Backup",
      "@vendor": "Hitachi, Ltd",
      "@version": "2.2"
    }
  ],
  "sec:cvss": {
    "@score": "5.0",
    "@severity": "Medium",
    "@type": "Base",
    "@vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
    "@version": "2.0"
  },
  "sec:identifier": "JVNDB-2008-001779",
  "sec:references": [
    {
      "#text": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1979",
      "@id": "CVE-2008-1979",
      "@source": "CVE"
    },
    {
      "#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-1979",
      "@id": "CVE-2008-1979",
      "@source": "NVD"
    },
    {
      "#text": "http://secunia.com/advisories/29855",
      "@id": "SA29855",
      "@source": "SECUNIA"
    },
    {
      "#text": "http://www.securityfocus.com/bid/28927",
      "@id": "28927",
      "@source": "BID"
    },
    {
      "#text": "http://www.securitytracker.com/id?1020324",
      "@id": "1020324",
      "@source": "SECTRACK"
    },
    {
      "#text": "http://www.frsirt.com/english/advisories/2008/1354",
      "@id": "FrSIRT/ADV-2008-1354",
      "@source": "FRSIRT"
    },
    {
      "#text": "http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001779.html",
      "@id": "JVNDB-2008-001779",
      "@source": "JVNDB_Ja"
    },
    {
      "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
      "@id": "CWE-189",
      "@title": "Numeric Errors(CWE-189)"
    }
  ],
  "title": "CA ARCserver Backup and CA ARCserve Backup Client Agent Denial of Service (DoS) Vulnerability"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.