Lucene search

[email protected]NVD:CVE-2006-5143

HistoryOct 10, 2006 - 4:06 a.m.

CVE-2006-5143

2006-10-1004:06:00

CWE-119

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.97 High

EPSS

Percentile

99.8%

JSON

Multiple buffer overflows in CA BrightStor ARCserve Backup r11.5 SP1 and earlier, r11.1, and 9.01; BrightStor ARCserve Backup for Windows r11; BrightStor Enterprise Backup 10.5; Server Protection Suite r2; and Business Protection Suite r2 allow remote attackers to execute arbitrary code via crafted data on TCP port 6071 to the Backup Agent RPC Server (DBASVR.exe) using the RPC routines with opcode (1) 0x01, (2) 0x02, or (3) 0x18; invalid stub data on TCP port 6503 to the RPC routines with opcode (4) 0x2b or (5) 0x2d in ASCORE.dll in the Message Engine RPC Server (msgeng.exe); (6) a long hostname on TCP port 41523 to ASBRDCST.DLL in the Discovery Service (casdscsvc.exe); or unspecified vectors related to the (7) Job Engine Service.

Affected configurations

NVD

Node

broadcombrightstor_arcserve_backupRange≤11.5sp1

broadcombrightstor_arcserve_backupMatch9.01

broadcombrightstor_arcserve_backupMatch11.1

broadcombrightstor_enterprise_backupMatch10.5

broadcombusiness_protection_suiteMatch2.0

broadcomserver_protection_suiteMatch2

cabrightstor_arcserve_backupMatch11windows

References

secunia.com/advisories/22285

securitytracker.com/id?1017003

securitytracker.com/id?1017004

securitytracker.com/id?1017005

securitytracker.com/id?1017006

supportconnectw.ca.com/public/storage/infodocs/basbr-secnotice.asp

www.kb.cert.org/vuls/id/361792

www.kb.cert.org/vuls/id/860048

www.lssec.com/advisories/LS-20060220.pdf

www.lssec.com/advisories/LS-20060313.pdf

www.lssec.com/advisories/LS-20060330.pdf

www.securityfocus.com/archive/1/447839/100/100/threaded

www.securityfocus.com/archive/1/447847/100/200/threaded

www.securityfocus.com/archive/1/447848/100/100/threaded

www.securityfocus.com/archive/1/447862/100/100/threaded

www.securityfocus.com/archive/1/447926/100/200/threaded

www.securityfocus.com/archive/1/447927/100/200/threaded

www.securityfocus.com/archive/1/447930/100/200/threaded

www.securityfocus.com/bid/20365

www.tippingpoint.com/security/advisories/TSRT-06-11.html

www.vupen.com/english/advisories/2006/3930

www.zerodayinitiative.com/advisories/ZDI-06-030.html

www.zerodayinitiative.com/advisories/ZDI-06-031.html

www3.ca.com/securityadvisor/blogs/posting.aspx?pid=93775&id=90744

www3.ca.com/securityadvisor/blogs/posting.aspx?pid=94397&id=90744

www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34693

exchange.xforce.ibmcloud.com/vulnerabilities/29364

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.6 High

AI Score

Confidence

Low

0.97 High

EPSS

Percentile

99.8%

JSON

Related for NVD:CVE-2006-5143

zdi2 packetstorm1 saint8 securityvulns5 cert2 checkpoint_advisories3 canvas1 cve1 cvelist1 nessus2