Vulnerabilites related to ca - business_protection_suite
CVE-2007-0673 (GCVE-0-2007-0673)
Vulnerability from cvelistv5
Published
2007-02-03 01:00
Modified
2024-08-07 12:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
LGSERVER.EXE in BrightStor ARCserve Backup for Laptops & Desktops r11.1 allows remote attackers to cause a denial of service (daemon crash) via a value of 0xFFFFFFFF at a certain point in an authentication negotiation packet, which results in an out-of-bounds read.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:26:54.281Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070131 Remote DOS BrightStor ARCserve Backup for Laptops \u0026 Desktops",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/458650/100/0/threaded"
},
{
"name": "22337",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22337"
},
{
"name": "32948",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/32948"
},
{
"name": "2218",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2218"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "LGSERVER.EXE in BrightStor ARCserve Backup for Laptops \u0026 Desktops r11.1 allows remote attackers to cause a denial of service (daemon crash) via a value of 0xFFFFFFFF at a certain point in an authentication negotiation packet, which results in an out-of-bounds read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070131 Remote DOS BrightStor ARCserve Backup for Laptops \u0026 Desktops",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/458650/100/0/threaded"
},
{
"name": "22337",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22337"
},
{
"name": "32948",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/32948"
},
{
"name": "2218",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2218"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0673",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "LGSERVER.EXE in BrightStor ARCserve Backup for Laptops \u0026 Desktops r11.1 allows remote attackers to cause a denial of service (daemon crash) via a value of 0xFFFFFFFF at a certain point in an authentication negotiation packet, which results in an out-of-bounds read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070131 Remote DOS BrightStor ARCserve Backup for Laptops \u0026 Desktops",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/458650/100/0/threaded"
},
{
"name": "22337",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22337"
},
{
"name": "32948",
"refsource": "OSVDB",
"url": "http://osvdb.org/32948"
},
{
"name": "2218",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2218"
},
{
"name": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0673",
"datePublished": "2007-02-03T01:00:00",
"dateReserved": "2007-02-02T00:00:00",
"dateUpdated": "2024-08-07T12:26:54.281Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-4398 (GCVE-0-2008-4398)
Vulnerability from cvelistv5
Published
2008-10-14 20:00
Modified
2024-08-07 10:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in the tape engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request.
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:17:09.338Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31684",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31684"
},
{
"name": "ADV-2008-2777",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"name": "ca-arcservebackup-tape-engine-dos(45775)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45775"
},
{
"name": "1021032",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021032"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
},
{
"name": "32220",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32220"
},
{
"name": "20081009 CA ARCserve Backup Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/497218"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the tape engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "31684",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31684"
},
{
"name": "ADV-2008-2777",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"name": "ca-arcservebackup-tape-engine-dos(45775)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45775"
},
{
"name": "1021032",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021032"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
},
{
"name": "32220",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32220"
},
{
"name": "20081009 CA ARCserve Backup Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/497218"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4398",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the tape engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31684",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31684"
},
{
"name": "ADV-2008-2777",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"name": "ca-arcservebackup-tape-engine-dos(45775)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45775"
},
{
"name": "1021032",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021032"
},
{
"name": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143",
"refsource": "CONFIRM",
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
},
{
"name": "32220",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32220"
},
{
"name": "20081009 CA ARCserve Backup Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497218"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4398",
"datePublished": "2008-10-14T20:00:00",
"dateReserved": "2008-10-02T00:00:00",
"dateUpdated": "2024-08-07T10:17:09.338Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5329 (GCVE-0-2007-5329)
Vulnerability from cvelistv5
Published
2007-10-13 00:00
Modified
2024-08-07 15:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in dbasvr in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, has unknown impact and attack vectors related to memory corruption.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:24:42.473Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27192",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27192"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"
},
{
"name": "ca-brightstor-dbasvr-code-execution(37068)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37068"
},
{
"name": "20071011 [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"
},
{
"name": "41372",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/41372"
},
{
"name": "26015",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26015"
},
{
"name": "1018805",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018805"
},
{
"name": "ADV-2007-3470",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3470"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in dbasvr in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, has unknown impact and attack vectors related to memory corruption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27192",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27192"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"
},
{
"name": "ca-brightstor-dbasvr-code-execution(37068)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37068"
},
{
"name": "20071011 [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"
},
{
"name": "41372",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/41372"
},
{
"name": "26015",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26015"
},
{
"name": "1018805",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018805"
},
{
"name": "ADV-2007-3470",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3470"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5329",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in dbasvr in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, has unknown impact and attack vectors related to memory corruption."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27192",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27192"
},
{
"name": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"
},
{
"name": "ca-brightstor-dbasvr-code-execution(37068)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37068"
},
{
"name": "20071011 [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"
},
{
"name": "41372",
"refsource": "OSVDB",
"url": "http://osvdb.org/41372"
},
{
"name": "26015",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26015"
},
{
"name": "1018805",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018805"
},
{
"name": "ADV-2007-3470",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3470"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5329",
"datePublished": "2007-10-13T00:00:00",
"dateReserved": "2007-10-10T00:00:00",
"dateUpdated": "2024-08-07T15:24:42.473Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-4400 (GCVE-0-2008-4400)
Vulnerability from cvelistv5
Published
2008-10-14 20:00
Modified
2024-08-07 10:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash of multiple services) via crafted authentication credentials, related to "insufficient validation."
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:17:09.766Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31684",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31684"
},
{
"name": "ADV-2008-2777",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"name": "ca-arcservebackup-authentication-dos(45777)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45777"
},
{
"name": "1021032",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021032"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
},
{
"name": "32220",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32220"
},
{
"name": "20081009 CA ARCserve Backup Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/497218"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash of multiple services) via crafted authentication credentials, related to \"insufficient validation.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "31684",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31684"
},
{
"name": "ADV-2008-2777",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"name": "ca-arcservebackup-authentication-dos(45777)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45777"
},
{
"name": "1021032",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021032"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
},
{
"name": "32220",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32220"
},
{
"name": "20081009 CA ARCserve Backup Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/497218"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4400",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash of multiple services) via crafted authentication credentials, related to \"insufficient validation.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31684",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31684"
},
{
"name": "ADV-2008-2777",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"name": "ca-arcservebackup-authentication-dos(45777)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45777"
},
{
"name": "1021032",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021032"
},
{
"name": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143",
"refsource": "CONFIRM",
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
},
{
"name": "32220",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32220"
},
{
"name": "20081009 CA ARCserve Backup Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497218"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4400",
"datePublished": "2008-10-14T20:00:00",
"dateReserved": "2008-10-02T00:00:00",
"dateUpdated": "2024-08-07T10:17:09.766Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-4397 (GCVE-0-2008-4397)
Vulnerability from cvelistv5
Published
2008-10-14 20:00
Modified
2024-08-07 10:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a .. (dot dot) in an RPC call with opnum 0x10A.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:17:09.227Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31684",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31684"
},
{
"name": "ca-arcservebackup-message-command-execution(45774)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45774"
},
{
"name": "ADV-2008-2777",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"name": "1021032",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021032"
},
{
"name": "20081011 CA BrightStor ARCServe BackUp Message Engine Remote Command Injection Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/497281/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
},
{
"name": "32220",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32220"
},
{
"name": "20081009 CA ARCserve Backup Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/497218"
},
{
"name": "4412",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/4412"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a .. (dot dot) in an RPC call with opnum 0x10A."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "31684",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31684"
},
{
"name": "ca-arcservebackup-message-command-execution(45774)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45774"
},
{
"name": "ADV-2008-2777",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"name": "1021032",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021032"
},
{
"name": "20081011 CA BrightStor ARCServe BackUp Message Engine Remote Command Injection Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/497281/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
},
{
"name": "32220",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32220"
},
{
"name": "20081009 CA ARCserve Backup Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/497218"
},
{
"name": "4412",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/4412"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4397",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a .. (dot dot) in an RPC call with opnum 0x10A."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31684",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31684"
},
{
"name": "ca-arcservebackup-message-command-execution(45774)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45774"
},
{
"name": "ADV-2008-2777",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"name": "1021032",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021032"
},
{
"name": "20081011 CA BrightStor ARCServe BackUp Message Engine Remote Command Injection Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497281/100/0/threaded"
},
{
"name": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143",
"refsource": "CONFIRM",
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
},
{
"name": "32220",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32220"
},
{
"name": "20081009 CA ARCserve Backup Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497218"
},
{
"name": "4412",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/4412"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4397",
"datePublished": "2008-10-14T20:00:00",
"dateReserved": "2008-10-02T00:00:00",
"dateUpdated": "2024-08-07T10:17:09.227Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-0672 (GCVE-0-2007-0672)
Vulnerability from cvelistv5
Published
2007-02-03 01:00
Modified
2024-08-07 12:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
LGSERVER.EXE in BrightStor Mobile Backup 4.0 allows remote attackers to cause a denial of service (disk consumption and daemon hang) via a value of 0xFFFFFF7F at a certain point in an authentication negotiation packet, which writes a large amount of data to a .USX file in CA_BABLDdata\Server\data\transfer\.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:26:54.307Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070131 Remote Unauthenticated Resource Exhaustion CA Mobile BackupService",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/458653/100/0/threaded"
},
{
"name": "22339",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22339"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "LGSERVER.EXE in BrightStor Mobile Backup 4.0 allows remote attackers to cause a denial of service (disk consumption and daemon hang) via a value of 0xFFFFFF7F at a certain point in an authentication negotiation packet, which writes a large amount of data to a .USX file in CA_BABLDdata\\Server\\data\\transfer\\."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070131 Remote Unauthenticated Resource Exhaustion CA Mobile BackupService",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/458653/100/0/threaded"
},
{
"name": "22339",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22339"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0672",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "LGSERVER.EXE in BrightStor Mobile Backup 4.0 allows remote attackers to cause a denial of service (disk consumption and daemon hang) via a value of 0xFFFFFF7F at a certain point in an authentication negotiation packet, which writes a large amount of data to a .USX file in CA_BABLDdata\\Server\\data\\transfer\\."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070131 Remote Unauthenticated Resource Exhaustion CA Mobile BackupService",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/458653/100/0/threaded"
},
{
"name": "22339",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22339"
},
{
"name": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0672",
"datePublished": "2007-02-03T01:00:00",
"dateReserved": "2007-02-02T00:00:00",
"dateUpdated": "2024-08-07T12:26:54.307Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5331 (GCVE-0-2007-5331)
Vulnerability from cvelistv5
Published
2007-10-13 00:00
Modified
2024-08-07 15:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Queue.dll for the message queuing service (LQserver.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a malformed ONRPC protocol request for operation 0x76, which causes ARCserve Backup to dereference arbitrary pointers.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:24:42.443Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27192",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27192"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"
},
{
"name": "24680",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24680"
},
{
"name": "20071011 EEYE: CA BrightStor ArcServe Backup Server Arbitrary Pointer Dereference",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/482114/100/0/threaded"
},
{
"name": "20071011 [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"
},
{
"name": "AD20071011",
"tags": [
"third-party-advisory",
"x_refsource_EEYE",
"x_transferred"
],
"url": "http://research.eeye.com/html/advisories/published/AD20071011.html"
},
{
"name": "ca-brightstor-lqserver-code-execution(37071)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37071"
},
{
"name": "1018805",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018805"
},
{
"name": "41371",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/41371"
},
{
"name": "ADV-2007-3470",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3470"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Queue.dll for the message queuing service (LQserver.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a malformed ONRPC protocol request for operation 0x76, which causes ARCserve Backup to dereference arbitrary pointers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27192",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27192"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"
},
{
"name": "24680",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24680"
},
{
"name": "20071011 EEYE: CA BrightStor ArcServe Backup Server Arbitrary Pointer Dereference",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/482114/100/0/threaded"
},
{
"name": "20071011 [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"
},
{
"name": "AD20071011",
"tags": [
"third-party-advisory",
"x_refsource_EEYE"
],
"url": "http://research.eeye.com/html/advisories/published/AD20071011.html"
},
{
"name": "ca-brightstor-lqserver-code-execution(37071)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37071"
},
{
"name": "1018805",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018805"
},
{
"name": "41371",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/41371"
},
{
"name": "ADV-2007-3470",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3470"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5331",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Queue.dll for the message queuing service (LQserver.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a malformed ONRPC protocol request for operation 0x76, which causes ARCserve Backup to dereference arbitrary pointers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27192",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27192"
},
{
"name": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"
},
{
"name": "24680",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24680"
},
{
"name": "20071011 EEYE: CA BrightStor ArcServe Backup Server Arbitrary Pointer Dereference",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/482114/100/0/threaded"
},
{
"name": "20071011 [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"
},
{
"name": "AD20071011",
"refsource": "EEYE",
"url": "http://research.eeye.com/html/advisories/published/AD20071011.html"
},
{
"name": "ca-brightstor-lqserver-code-execution(37071)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37071"
},
{
"name": "1018805",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018805"
},
{
"name": "41371",
"refsource": "OSVDB",
"url": "http://osvdb.org/41371"
},
{
"name": "ADV-2007-3470",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3470"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5331",
"datePublished": "2007-10-13T00:00:00",
"dateReserved": "2007-10-10T00:00:00",
"dateUpdated": "2024-08-07T15:24:42.443Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-2139 (GCVE-0-2007-2139)
Vulnerability from cvelistv5
Published
2007-04-25 20:00
Modified
2024-08-07 13:23
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple stack-based buffer overflows in the SUN RPC service in CA (formerly Computer Associates) BrightStor ARCserve Media Server, as used in BrightStor ARCserve Backup 9.01 through 11.5 SP2, BrightStor Enterprise Backup 10.5, Server Protection Suite 2, and Business Protection Suite 2, allow remote attackers to execute arbitrary code via malformed RPC strings, a different vulnerability than CVE-2006-5171, CVE-2006-5172, and CVE-2007-1785.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:23:50.811Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "2628",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2628"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/babmedser-secnotice.asp"
},
{
"name": "VU#979825",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/979825"
},
{
"name": "35326",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/35326"
},
{
"name": "24972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24972"
},
{
"name": "brightstor-sun-rpc-bo(33854)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33854"
},
{
"name": "23635",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23635"
},
{
"name": "20070424 ZDI-07-022: CA BrightStor ArcServe Media Server Multiple Buffer Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/466790/100/0/threaded"
},
{
"name": "1017952",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017952"
},
{
"name": "ADV-2007-1529",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1529"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-022.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-04-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in the SUN RPC service in CA (formerly Computer Associates) BrightStor ARCserve Media Server, as used in BrightStor ARCserve Backup 9.01 through 11.5 SP2, BrightStor Enterprise Backup 10.5, Server Protection Suite 2, and Business Protection Suite 2, allow remote attackers to execute arbitrary code via malformed RPC strings, a different vulnerability than CVE-2006-5171, CVE-2006-5172, and CVE-2007-1785."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "2628",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2628"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/babmedser-secnotice.asp"
},
{
"name": "VU#979825",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/979825"
},
{
"name": "35326",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/35326"
},
{
"name": "24972",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24972"
},
{
"name": "brightstor-sun-rpc-bo(33854)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33854"
},
{
"name": "23635",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23635"
},
{
"name": "20070424 ZDI-07-022: CA BrightStor ArcServe Media Server Multiple Buffer Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/466790/100/0/threaded"
},
{
"name": "1017952",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017952"
},
{
"name": "ADV-2007-1529",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1529"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-022.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-2139",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in the SUN RPC service in CA (formerly Computer Associates) BrightStor ARCserve Media Server, as used in BrightStor ARCserve Backup 9.01 through 11.5 SP2, BrightStor Enterprise Backup 10.5, Server Protection Suite 2, and Business Protection Suite 2, allow remote attackers to execute arbitrary code via malformed RPC strings, a different vulnerability than CVE-2006-5171, CVE-2006-5172, and CVE-2007-1785."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "2628",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2628"
},
{
"name": "http://supportconnectw.ca.com/public/storage/infodocs/babmedser-secnotice.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/storage/infodocs/babmedser-secnotice.asp"
},
{
"name": "VU#979825",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/979825"
},
{
"name": "35326",
"refsource": "OSVDB",
"url": "http://osvdb.org/35326"
},
{
"name": "24972",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24972"
},
{
"name": "brightstor-sun-rpc-bo(33854)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33854"
},
{
"name": "23635",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23635"
},
{
"name": "20070424 ZDI-07-022: CA BrightStor ArcServe Media Server Multiple Buffer Overflow Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/466790/100/0/threaded"
},
{
"name": "1017952",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017952"
},
{
"name": "ADV-2007-1529",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1529"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-07-022.html",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-022.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-2139",
"datePublished": "2007-04-25T20:00:00",
"dateReserved": "2007-04-18T00:00:00",
"dateUpdated": "2024-08-07T13:23:50.811Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-2241 (GCVE-0-2008-2241)
Vulnerability from cvelistv5
Published
2008-05-21 10:00
Modified
2024-08-07 08:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Directory traversal vulnerability in caloggerd in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allows remote attackers to append arbitrary data to arbitrary files via directory traversal sequences in unspecified input fields, which are used in log messages. NOTE: this can be leveraged for code execution in many installation environments by writing to a startup file or configuration file.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:58:00.830Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "29283",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29283"
},
{
"name": "30300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30300"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-027/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798"
},
{
"name": "ADV-2008-1573",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1573/references"
},
{
"name": "20080519 ZDI-08-027: CA BrightStor ARCserve Backup Arbitrary File Writing Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/492266/100/0/threaded"
},
{
"name": "ca-arcservebackup-caloggerd-code-execution(42524)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42524"
},
{
"name": "20080519 CA ARCserve Backup caloggerd and xdr Functions Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/492274/100/0/threaded"
},
{
"name": "1020043",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020043"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-05-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in caloggerd in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allows remote attackers to append arbitrary data to arbitrary files via directory traversal sequences in unspecified input fields, which are used in log messages. NOTE: this can be leveraged for code execution in many installation environments by writing to a startup file or configuration file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "29283",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29283"
},
{
"name": "30300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30300"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-027/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798"
},
{
"name": "ADV-2008-1573",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1573/references"
},
{
"name": "20080519 ZDI-08-027: CA BrightStor ARCserve Backup Arbitrary File Writing Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/492266/100/0/threaded"
},
{
"name": "ca-arcservebackup-caloggerd-code-execution(42524)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42524"
},
{
"name": "20080519 CA ARCserve Backup caloggerd and xdr Functions Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/492274/100/0/threaded"
},
{
"name": "1020043",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020043"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-2241",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in caloggerd in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allows remote attackers to append arbitrary data to arbitrary files via directory traversal sequences in unspecified input fields, which are used in log messages. NOTE: this can be leveraged for code execution in many installation environments by writing to a startup file or configuration file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "29283",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29283"
},
{
"name": "30300",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30300"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-08-027/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-027/"
},
{
"name": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798",
"refsource": "CONFIRM",
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798"
},
{
"name": "ADV-2008-1573",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1573/references"
},
{
"name": "20080519 ZDI-08-027: CA BrightStor ARCserve Backup Arbitrary File Writing Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/492266/100/0/threaded"
},
{
"name": "ca-arcservebackup-caloggerd-code-execution(42524)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42524"
},
{
"name": "20080519 CA ARCserve Backup caloggerd and xdr Functions Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/492274/100/0/threaded"
},
{
"name": "1020043",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020043"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-2241",
"datePublished": "2008-05-21T10:00:00",
"dateReserved": "2008-05-16T00:00:00",
"dateUpdated": "2024-08-07T08:58:00.830Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2008-4399 (GCVE-0-2008-4399)
Vulnerability from cvelistv5
Published
2008-10-14 20:00
Modified
2024-08-07 10:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in the database engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request, related to "insufficient validation."
References
| ► | URL | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:17:09.192Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31684",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31684"
},
{
"name": "ca-arcservebackup-database-engine-dos(45776)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45776"
},
{
"name": "ADV-2008-2777",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"name": "1021032",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021032"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
},
{
"name": "32220",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32220"
},
{
"name": "20081009 CA ARCserve Backup Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/497218"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-10-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the database engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request, related to \"insufficient validation.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "31684",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31684"
},
{
"name": "ca-arcservebackup-database-engine-dos(45776)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45776"
},
{
"name": "ADV-2008-2777",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"name": "1021032",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021032"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
},
{
"name": "32220",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32220"
},
{
"name": "20081009 CA ARCserve Backup Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/497218"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-4399",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the database engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request, related to \"insufficient validation.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31684",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31684"
},
{
"name": "ca-arcservebackup-database-engine-dos(45776)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45776"
},
{
"name": "ADV-2008-2777",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"name": "1021032",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021032"
},
{
"name": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143",
"refsource": "CONFIRM",
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
},
{
"name": "32220",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32220"
},
{
"name": "20081009 CA ARCserve Backup Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/497218"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-4399",
"datePublished": "2008-10-14T20:00:00",
"dateReserved": "2008-10-02T00:00:00",
"dateUpdated": "2024-08-07T10:17:09.192Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5326 (GCVE-0-2007-5326)
Vulnerability from cvelistv5
Published
2007-10-13 00:00
Modified
2024-08-07 15:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple buffer overflows in (1) RPC and (2) rpcx.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:24:42.583Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27192",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27192"
},
{
"name": "41368",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/41368"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2007-49/advisory/"
},
{
"name": "20071011 [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"
},
{
"name": "26015",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26015"
},
{
"name": "1018805",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018805"
},
{
"name": "ADV-2007-3470",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3470"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in (1) RPC and (2) rpcx.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27192",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27192"
},
{
"name": "41368",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/41368"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2007-49/advisory/"
},
{
"name": "20071011 [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"
},
{
"name": "26015",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26015"
},
{
"name": "1018805",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018805"
},
{
"name": "ADV-2007-3470",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3470"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5326",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in (1) RPC and (2) rpcx.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27192",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27192"
},
{
"name": "41368",
"refsource": "OSVDB",
"url": "http://osvdb.org/41368"
},
{
"name": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"
},
{
"name": "http://secunia.com/secunia_research/2007-49/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2007-49/advisory/"
},
{
"name": "20071011 [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"
},
{
"name": "26015",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26015"
},
{
"name": "1018805",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018805"
},
{
"name": "ADV-2007-3470",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3470"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5326",
"datePublished": "2007-10-13T00:00:00",
"dateReserved": "2007-10-10T00:00:00",
"dateUpdated": "2024-08-07T15:24:42.583Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2007-02-03 01:28
Modified
2025-04-09 00:30
Severity ?
Summary
LGSERVER.EXE in BrightStor ARCserve Backup for Laptops & Desktops r11.1 allows remote attackers to cause a denial of service (daemon crash) via a value of 0xFFFFFFFF at a certain point in an authentication negotiation packet, which results in an out-of-bounds read.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB993B2-9A44-40E2-AA05-0CAD04BDC26D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7461AE5-2067-4964-93B7-560CD02CEAC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "9DAE8E8B-7FD6-43CB-B07A-6D3B31E94DC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:business_protection_suite:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "328E1C42-488A-43FC-8DF2-758DC73B74AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:desktop_management_suite:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "237F2346-0B9B-4CE8-8EF9-813CB3F1BC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:desktop_management_suite:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22268F99-2F38-481D-A0CC-B1FC96FDB953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:desktop_protection_suite:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB698F99-FC87-4D59-9E01-3CE7A57FE0E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_sbs_premium:*:*:*:*:*",
"matchCriteriaId": "2429EE00-5359-4C47-A634-8DBC57253266",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_sbs_standard:*:*:*:*:*",
"matchCriteriaId": "F33EE596-0901-4A13-BAA1-1A7C7C16AD27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "LGSERVER.EXE in BrightStor ARCserve Backup for Laptops \u0026 Desktops r11.1 allows remote attackers to cause a denial of service (daemon crash) via a value of 0xFFFFFFFF at a certain point in an authentication negotiation packet, which results in an out-of-bounds read."
},
{
"lang": "es",
"value": "El archivo LGSERVER.EXE en BrightStor ARCserve Backup para Ordenadores Port\u00e1tiles y de Escritorio versi\u00f3n r11.1 permite a los atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo del demonio) por medio de un valor de 0xFFFFFFFF en un determinado punto en un paquete de negociaci\u00f3n de autenticaci\u00f3n, resultando en una lectura fuera de l\u00edmites."
}
],
"id": "CVE-2007-0673",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-02-03T01:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/32948"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/2218"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/458650/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/22337"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/32948"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/458650/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/22337"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-04-25 20:19
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple stack-based buffer overflows in the SUN RPC service in CA (formerly Computer Associates) BrightStor ARCserve Media Server, as used in BrightStor ARCserve Backup 9.01 through 11.5 SP2, BrightStor Enterprise Backup 10.5, Server Protection Suite 2, and Business Protection Suite 2, allow remote attackers to execute arbitrary code via malformed RPC strings, a different vulnerability than CVE-2006-5171, CVE-2006-5172, and CVE-2007-1785.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| broadcom | brightstor_arcserve_backup | 9.01 | |
| broadcom | brightstor_arcserve_backup | 11.1 | |
| broadcom | brightstor_arcserve_backup | 11.5 | |
| broadcom | business_protection_suite | 2.0 | |
| broadcom | server_protection_suite | 2 | |
| ca | brightstor_arcserve_backup | 11 | |
| ca | business_protection_suite | 2.0 | |
| ca | business_protection_suite | 2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F52790F8-0D23-47F4-B7F7-6CB0F7B6EA14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:sp2:*:*:*:*:*:*",
"matchCriteriaId": "C689BA77-8B88-4742-9AF1-567E12B92E17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:business_protection_suite:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "328E1C42-488A-43FC-8DF2-758DC73B74AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:server_protection_suite:2:*:*:*:*:*:*:*",
"matchCriteriaId": "A8781759-7B4C-47C3-8A60-8CA5520360C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:*",
"matchCriteriaId": "6E236148-4A57-4FDC-A072-A77D3DD2DB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_sbs_premium:*:*:*:*:*",
"matchCriteriaId": "2429EE00-5359-4C47-A634-8DBC57253266",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_sbs_standard:*:*:*:*:*",
"matchCriteriaId": "F33EE596-0901-4A13-BAA1-1A7C7C16AD27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in the SUN RPC service in CA (formerly Computer Associates) BrightStor ARCserve Media Server, as used in BrightStor ARCserve Backup 9.01 through 11.5 SP2, BrightStor Enterprise Backup 10.5, Server Protection Suite 2, and Business Protection Suite 2, allow remote attackers to execute arbitrary code via malformed RPC strings, a different vulnerability than CVE-2006-5171, CVE-2006-5172, and CVE-2007-1785."
},
{
"lang": "es",
"value": "M\u00faltiple desbordamiento de b\u00fafer basado en pila en el servicio SUN RPC del CA (antiguamente Computer Associates) BrightStor ARCserve Media Server, como el utilizado en el BrightStor ARCserve Backup 9.01 hasta la 11.5 SP2, BrightStor Enterprise Backup 10.5, Server Protection Suite 2 y Business Protection Suite 2, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de cadenas RPC mal formadas. Vulnerabilidad diferente a las CVE-2006-5171, CVE-2006-5172 y CVE-2007-1785."
}
],
"id": "CVE-2007-2139",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-04-25T20:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/35326"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/24972"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/2628"
},
{
"source": "cve@mitre.org",
"url": "http://supportconnectw.ca.com/public/storage/infodocs/babmedser-secnotice.asp"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/979825"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/466790/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/23635"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1017952"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1529"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-022.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33854"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/35326"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/24972"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2628"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://supportconnectw.ca.com/public/storage/infodocs/babmedser-secnotice.asp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/979825"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/466790/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/23635"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1017952"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1529"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-07-022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33854"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-05-21 13:24
Modified
2025-04-09 00:30
Severity ?
Summary
Directory traversal vulnerability in caloggerd in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allows remote attackers to append arbitrary data to arbitrary files via directory traversal sequences in unspecified input fields, which are used in log messages. NOTE: this can be leveraged for code execution in many installation environments by writing to a startup file or configuration file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| broadcom | brightstor_arcserve_backup | 11.1 | |
| broadcom | brightstor_arcserve_backup | 11.5 | |
| broadcom | server_protection_suite | 2 | |
| ca | brightstor_arcserve_backup | 11.0 | |
| ca | brightstor_arcserve_backup | r11.0 | |
| ca | business_protection_suite | 2.0 | |
| ca | business_protection_suite | 2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "477EE032-D183-478F-A2BF-6165277A7414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:server_protection_suite:2:*:*:*:*:*:*:*",
"matchCriteriaId": "A8781759-7B4C-47C3-8A60-8CA5520360C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:brightstor_arcserve_backup:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9190C236-0BBF-47CF-94F5-F2408D33C5CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:brightstor_arcserve_backup:r11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1812E8C2-895E-4179-B313-22C8EB527544",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_small_business_server_premium:*:*:*:*:*",
"matchCriteriaId": "1366038C-7552-44C7-BB01-316AA0D088F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_small_business_server_standard:*:*:*:*:*",
"matchCriteriaId": "D24EEBF9-8301-4E8E-8AE1-E41774EDEFD9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in caloggerd in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allows remote attackers to append arbitrary data to arbitrary files via directory traversal sequences in unspecified input fields, which are used in log messages. NOTE: this can be leveraged for code execution in many installation environments by writing to a startup file or configuration file."
},
{
"lang": "es",
"value": "Vulnerabilidad de salto de directorio en caloggerd de BrightStor ARCServe Backup 11.0, 11.1 y 11.5, permite a atacantes remotos a\u00f1adir datos a archivos arbitrariamente a trav\u00e9s de secuencias de salto de directorio en archivos de entrada no especificados, que son utilizados en mensajes de log. NOTA: puede aprovecharse para ejecuci\u00f3n de c\u00f3digo en muchos entornos de instalaci\u00f3n escribiendo en un fichero archivo de inicio o en un archivo de configuraci\u00f3n."
}
],
"id": "CVE-2008-2241",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-05-21T13:24:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/30300"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/492266/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/492274/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/29283"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1020043"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/1573/references"
},
{
"source": "cve@mitre.org",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-027/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42524"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30300"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/492266/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/492274/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/29283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020043"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1573/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-08-027/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42524"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-10-14 21:10
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash of multiple services) via crafted authentication credentials, related to "insufficient validation."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| broadcom | arcserve_backup | r12.0 | |
| broadcom | business_protection_suite | r2 | |
| broadcom | server_protection_suite | r2 | |
| ca | arcserve_backup | r11.1 | |
| ca | arcserve_backup | r11.5 | |
| ca | business_protection_suite | r2 | |
| ca | business_protection_suite | r2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:arcserve_backup:r12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D6AB3E8F-50D3-41EC-BC2B-CF86FB4801E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:business_protection_suite:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "9389EFCA-4989-4946-A92C-8C54EE9E55B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:server_protection_suite:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "97C8F8E4-C75F-49FF-82AA-295286BA26CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:arcserve_backup:r11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D8713893-59CE-486A-9262-E755A8F2D58C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:arcserve_backup:r11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D8275AC1-81C5-4D9F-A61B-1A908BDDE0F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:r2:*:microsoft_small_business_server_premium:*:*:*:*:*",
"matchCriteriaId": "05B760BC-64EF-4BE1-BBB5-70B9DCC5E74A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:r2:*:microsoft_small_business_server_standard:*:*:*:*:*",
"matchCriteriaId": "19A3DA98-A072-4EE3-8542-A0AF89F9DBCD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash of multiple services) via crafted authentication credentials, related to \"insufficient validation.\""
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en asdbapi.dll de CA ARCserve Backup (antes llamado BrightStor ARCserve Backup)r11.1 hasta r12.0 permite a un atacante remoto causar una denegaci\u00f3n de servicio (ca\u00edda de varios servicios) por medio de credenciales de autentificaci\u00f3n manipulados, relacionado con una validaci\u00f3n insuficiente."
}
],
"id": "CVE-2008-4400",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-10-14T21:10:35.753",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32220"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/497218"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/31684"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021032"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45777"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32220"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/497218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/31684"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021032"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45777"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-10-13 00:17
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in dbasvr in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, has unknown impact and attack vectors related to memory corruption.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| broadcom | brightstor_arcserve_backup | 9.01 | |
| broadcom | brightstor_arcserve_backup | 11.1 | |
| broadcom | brightstor_arcserve_backup | 11.5 | |
| broadcom | brightstor_enterprise_backup | 10.5 | |
| broadcom | business_protection_suite | 2.0 | |
| broadcom | server_protection_suite | 2 | |
| ca | brightstor_arcserve_backup | 11 | |
| ca | business_protection_suite | 2.0 | |
| ca | business_protection_suite | 2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F52790F8-0D23-47F4-B7F7-6CB0F7B6EA14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "477EE032-D183-478F-A2BF-6165277A7414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "78AA54EA-DAF1-4635-AA1B-E2E49C4BB597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:business_protection_suite:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "328E1C42-488A-43FC-8DF2-758DC73B74AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:server_protection_suite:2:*:*:*:*:*:*:*",
"matchCriteriaId": "A8781759-7B4C-47C3-8A60-8CA5520360C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:*",
"matchCriteriaId": "6E236148-4A57-4FDC-A072-A77D3DD2DB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_small_business_server_premium:*:*:*:*:*",
"matchCriteriaId": "1366038C-7552-44C7-BB01-316AA0D088F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_small_business_server_standard:*:*:*:*:*",
"matchCriteriaId": "D24EEBF9-8301-4E8E-8AE1-E41774EDEFD9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in dbasvr in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, has unknown impact and attack vectors related to memory corruption."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en el dbasvr del CA BrightStor ARCServe BackUp v9.01 hasta la R11.5 y el Enterprise Backup r10.5, tiene un impacto desconocido y vectores de ataque relacionados con la corrupci\u00f3n de memoria."
}
],
"id": "CVE-2007-5329",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-10-13T00:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/41372"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/27192"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/26015"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018805"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/3470"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37068"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/41372"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27192"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/26015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018805"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/3470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37068"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-10-14 21:10
Modified
2025-04-09 00:30
Severity ?
Summary
Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a .. (dot dot) in an RPC call with opnum 0x10A.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| broadcom | arcserve_backup | r12.0 | |
| broadcom | business_protection_suite | r2 | |
| broadcom | server_protection_suite | r2 | |
| ca | arcserve_backup | r11.1 | |
| ca | arcserve_backup | r11.5 | |
| ca | business_protection_suite | r2 | |
| ca | business_protection_suite | r2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:arcserve_backup:r12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D6AB3E8F-50D3-41EC-BC2B-CF86FB4801E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:business_protection_suite:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "9389EFCA-4989-4946-A92C-8C54EE9E55B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:server_protection_suite:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "97C8F8E4-C75F-49FF-82AA-295286BA26CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:arcserve_backup:r11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D8713893-59CE-486A-9262-E755A8F2D58C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:arcserve_backup:r11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D8275AC1-81C5-4D9F-A61B-1A908BDDE0F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:r2:*:microsoft_small_business_server_premium:*:*:*:*:*",
"matchCriteriaId": "05B760BC-64EF-4BE1-BBB5-70B9DCC5E74A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:r2:*:microsoft_small_business_server_standard:*:*:*:*:*",
"matchCriteriaId": "19A3DA98-A072-4EE3-8542-A0AF89F9DBCD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a .. (dot dot) in an RPC call with opnum 0x10A."
},
{
"lang": "es",
"value": "Vulnerabilidad de salto de directorio en la interfaz RPC (asdbapi.dll) en CA ARCserve Backup (antes BrightStor ARCserve Backup) vr11.1 hasta vr12.0 permite a atacantes remotos ejecutar comandos de su elecci\u00f3n a trav\u00e9s de .. (punto punto) en una llamada RPC con un opnum 0x10A."
}
],
"id": "CVE-2008-4397",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-10-14T21:10:35.677",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32220"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/4412"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/497218"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/497281/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/31684"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021032"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45774"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32220"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/4412"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/497218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/497281/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/31684"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021032"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45774"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-10-14 21:10
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in the database engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request, related to "insufficient validation."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| broadcom | arcserve_backup | r12.0 | |
| broadcom | business_protection_suite | r2 | |
| broadcom | server_protection_suite | r2 | |
| ca | arcserve_backup | r11.1 | |
| ca | arcserve_backup | r11.5 | |
| ca | business_protection_suite | r2 | |
| ca | business_protection_suite | r2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:arcserve_backup:r12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D6AB3E8F-50D3-41EC-BC2B-CF86FB4801E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:business_protection_suite:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "9389EFCA-4989-4946-A92C-8C54EE9E55B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:server_protection_suite:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "97C8F8E4-C75F-49FF-82AA-295286BA26CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:arcserve_backup:r11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D8713893-59CE-486A-9262-E755A8F2D58C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:arcserve_backup:r11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D8275AC1-81C5-4D9F-A61B-1A908BDDE0F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:r2:*:microsoft_small_business_server_premium:*:*:*:*:*",
"matchCriteriaId": "05B760BC-64EF-4BE1-BBB5-70B9DCC5E74A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:r2:*:microsoft_small_business_server_standard:*:*:*:*:*",
"matchCriteriaId": "19A3DA98-A072-4EE3-8542-A0AF89F9DBCD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the database engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request, related to \"insufficient validation.\""
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el servicio del motor de la base de datos en asdbapi.dll en CA ARCserve Backup (antes BrightStor ARCserve Backup) vr11.1 hasta vr12.0 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de una petici\u00f3n manipulada, relacionado con \"validaci\u00f3n insuficiente\"."
}
],
"id": "CVE-2008-4399",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-10-14T21:10:35.723",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32220"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/497218"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/31684"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021032"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45776"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32220"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/497218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/31684"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021032"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45776"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-02-03 01:28
Modified
2025-04-09 00:30
Severity ?
Summary
LGSERVER.EXE in BrightStor Mobile Backup 4.0 allows remote attackers to cause a denial of service (disk consumption and daemon hang) via a value of 0xFFFFFF7F at a certain point in an authentication negotiation packet, which writes a large amount of data to a .USX file in CA_BABLDdata\Server\data\transfer\.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB993B2-9A44-40E2-AA05-0CAD04BDC26D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7461AE5-2067-4964-93B7-560CD02CEAC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "9DAE8E8B-7FD6-43CB-B07A-6D3B31E94DC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:business_protection_suite:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "328E1C42-488A-43FC-8DF2-758DC73B74AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:desktop_management_suite:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "237F2346-0B9B-4CE8-8EF9-813CB3F1BC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:desktop_management_suite:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22268F99-2F38-481D-A0CC-B1FC96FDB953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:desktop_protection_suite:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB698F99-FC87-4D59-9E01-3CE7A57FE0E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_sbs_premium:*:*:*:*:*",
"matchCriteriaId": "2429EE00-5359-4C47-A634-8DBC57253266",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_sbs_standard:*:*:*:*:*",
"matchCriteriaId": "F33EE596-0901-4A13-BAA1-1A7C7C16AD27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "LGSERVER.EXE in BrightStor Mobile Backup 4.0 allows remote attackers to cause a denial of service (disk consumption and daemon hang) via a value of 0xFFFFFF7F at a certain point in an authentication negotiation packet, which writes a large amount of data to a .USX file in CA_BABLDdata\\Server\\data\\transfer\\."
},
{
"lang": "es",
"value": "LGSERVER.EXE de BrightStor Mobile Backup 4.0 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (agotamiento de disco y colapso de demonio) mediante un valor 0xFFFFFF7F en un punto concreto en un paquete de negociaci\u00f3n de autenticaci\u00f3n, que escribe una cantidad grade de datos a un fichero . USX en CA_BABLDdata\\Server\\data\\transfer\\."
}
],
"id": "CVE-2007-0672",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-02-03T01:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/458653/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/22339"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/458653/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/22339"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-10-13 00:17
Modified
2025-04-09 00:30
Severity ?
Summary
Queue.dll for the message queuing service (LQserver.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a malformed ONRPC protocol request for operation 0x76, which causes ARCserve Backup to dereference arbitrary pointers.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| broadcom | brightstor_arcserve_backup | 9.01 | |
| broadcom | brightstor_arcserve_backup | 11.1 | |
| broadcom | brightstor_arcserve_backup | 11.5 | |
| broadcom | brightstor_enterprise_backup | 10.5 | |
| broadcom | business_protection_suite | 2.0 | |
| broadcom | server_protection_suite | 2 | |
| ca | brightstor_arcserve_backup | 11 | |
| ca | business_protection_suite | 2.0 | |
| ca | business_protection_suite | 2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F52790F8-0D23-47F4-B7F7-6CB0F7B6EA14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "477EE032-D183-478F-A2BF-6165277A7414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "78AA54EA-DAF1-4635-AA1B-E2E49C4BB597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:business_protection_suite:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "328E1C42-488A-43FC-8DF2-758DC73B74AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:server_protection_suite:2:*:*:*:*:*:*:*",
"matchCriteriaId": "A8781759-7B4C-47C3-8A60-8CA5520360C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:*",
"matchCriteriaId": "6E236148-4A57-4FDC-A072-A77D3DD2DB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_small_business_server_premium:*:*:*:*:*",
"matchCriteriaId": "1366038C-7552-44C7-BB01-316AA0D088F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_small_business_server_standard:*:*:*:*:*",
"matchCriteriaId": "D24EEBF9-8301-4E8E-8AE1-E41774EDEFD9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Queue.dll for the message queuing service (LQserver.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a malformed ONRPC protocol request for operation 0x76, which causes ARCserve Backup to dereference arbitrary pointers."
},
{
"lang": "es",
"value": "La biblioteca Queue.dll para el servicio de colas de mensajes (LQserver.exe) en CA BrightStor ARCServe BackUp versi\u00f3n v9.01 hasta R11.5, y Enterprise Backup r10.5, permite a atacantes remotos ejecutar c\u00f3digo arbitrario por medio de una petici\u00f3n de protocolo ONRPC malformada para la operaci\u00f3n 0x76, lo que hace que ARCserve Backup elimine la referencia de punteros arbitrarios."
}
],
"id": "CVE-2007-5331",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-10-13T00:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/41371"
},
{
"source": "cve@mitre.org",
"url": "http://research.eeye.com/html/advisories/published/AD20071011.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27192"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/482114/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/24680"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018805"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/3470"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37071"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/41371"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://research.eeye.com/html/advisories/published/AD20071011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/27192"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/482114/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/24680"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018805"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/3470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37071"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-10-13 00:17
Modified
2025-04-09 00:30
Severity ?
Summary
Multiple buffer overflows in (1) RPC and (2) rpcx.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| broadcom | brightstor_arcserve_backup | 9.01 | |
| broadcom | brightstor_arcserve_backup | 11.1 | |
| broadcom | brightstor_arcserve_backup | 11.5 | |
| broadcom | brightstor_enterprise_backup | 10.5 | |
| broadcom | business_protection_suite | 2.0 | |
| broadcom | server_protection_suite | 2 | |
| ca | brightstor_arcserve_backup | 11 | |
| ca | business_protection_suite | 2.0 | |
| ca | business_protection_suite | 2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*",
"matchCriteriaId": "F52790F8-0D23-47F4-B7F7-6CB0F7B6EA14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "477EE032-D183-478F-A2BF-6165277A7414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*",
"matchCriteriaId": "78AA54EA-DAF1-4635-AA1B-E2E49C4BB597",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:business_protection_suite:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "328E1C42-488A-43FC-8DF2-758DC73B74AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:server_protection_suite:2:*:*:*:*:*:*:*",
"matchCriteriaId": "A8781759-7B4C-47C3-8A60-8CA5520360C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:*",
"matchCriteriaId": "6E236148-4A57-4FDC-A072-A77D3DD2DB53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_small_business_server_premium:*:*:*:*:*",
"matchCriteriaId": "1366038C-7552-44C7-BB01-316AA0D088F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_small_business_server_standard:*:*:*:*:*",
"matchCriteriaId": "D24EEBF9-8301-4E8E-8AE1-E41774EDEFD9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in (1) RPC and (2) rpcx.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en (1) RPC y (2) rpcx.dll de CA BrightStor ARCServer BackUp v9.01 hasta R11.5, y Enterprise Backup r10.5, permiten a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2007-5326",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-10-13T00:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/41368"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/27192"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-49/advisory/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/26015"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018805"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/3470"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/41368"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27192"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/secunia_research/2007-49/advisory/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/482121/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/26015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018805"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/3470"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-10-14 21:10
Modified
2025-04-09 00:30
Severity ?
Summary
Unspecified vulnerability in the tape engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| broadcom | arcserve_backup | r12.0 | |
| broadcom | business_protection_suite | r2 | |
| broadcom | server_protection_suite | r2 | |
| ca | arcserve_backup | r11.1 | |
| ca | arcserve_backup | r11.5 | |
| ca | business_protection_suite | r2 | |
| ca | business_protection_suite | r2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:arcserve_backup:r12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D6AB3E8F-50D3-41EC-BC2B-CF86FB4801E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:business_protection_suite:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "9389EFCA-4989-4946-A92C-8C54EE9E55B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:server_protection_suite:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "97C8F8E4-C75F-49FF-82AA-295286BA26CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:arcserve_backup:r11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D8713893-59CE-486A-9262-E755A8F2D58C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:arcserve_backup:r11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D8275AC1-81C5-4D9F-A61B-1A908BDDE0F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:r2:*:microsoft_small_business_server_premium:*:*:*:*:*",
"matchCriteriaId": "05B760BC-64EF-4BE1-BBB5-70B9DCC5E74A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:r2:*:microsoft_small_business_server_standard:*:*:*:*:*",
"matchCriteriaId": "19A3DA98-A072-4EE3-8542-A0AF89F9DBCD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the tape engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el servicio de motor de cinta en asdbapi.dll de CA ARCserve Backup (anteriormente BrightStor ARCserve Backup) de r11.1 a r12.0 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) mediante una petici\u00f3n manipulada."
}
],
"id": "CVE-2008-4398",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-10-14T21:10:35.707",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32220"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/497218"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/31684"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021032"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45775"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32220"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/497218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/31684"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021032"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/2777"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45775"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=188143"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}