Lucene search

[email protected]CVE-2008-1979

HistoryApr 27, 2008 - 8:05 p.m.

CVE-2008-1979

2008-04-2720:05:00

CWE-189

[email protected]

web.nvd.nist.gov

cve-2008-1979

discovery service

ca arcserve backup

denial of service

remote attack

buffer over-read

nvd

7 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.549 Medium

EPSS

Percentile

97.6%

JSON

The Discovery Service (casdscvc) in CA ARCserve Backup 12.0.5454.0 and earlier allows remote attackers to cause a denial of service (crash) via a packet with a large integer value used in an increment to TCP port 41523, which triggers a buffer over-read.

CPENameOperatorVersion
broadcom:brightstor_arcserve_backupbroadcom brightstor arcserve backuple12.0.5454.0

CPE	Name	Operator	Version
broadcom:brightstor_arcserve_backup	broadcom brightstor arcserve backup	le	12.0.5454.0

References

aluigi.altervista.org/adv/carcbackazz-adv.txt

secunia.com/advisories/29855

www.securityfocus.com/archive/1/493430/100/0/threaded

www.securityfocus.com/bid/28927

www.securitytracker.com/id?1020324

www.vupen.com/english/advisories/2008/1354

exchange.xforce.ibmcloud.com/vulnerabilities/41869

7 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.549 Medium

EPSS

Percentile

97.6%

JSON

Related for CVE-2008-1979

checkpoint_advisories2 prion1 securityvulns2