CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
97.1%
Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier allows remote attackers to execute arbitrary code via certain RPC requests to TCP port 6502.
Vendor | Product | Version | CPE |
---|---|---|---|
broadcom | brightstor_arcserve_backup | * | cpe:2.3:a:broadcom:brightstor_arcserve_backup:*:*:*:*:*:*:*:* |
broadcom | brightstor_arcserve_backup | 11.1 | cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:* |
broadcom | brightstor_arcserve_backup | 11.5 | cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:sp1:*:*:*:*:*:* |
ca | brightstor_arcserve_backup | 11 | cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:* |
ca | brightstor_arcserve_backup | 11.1 | cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:windows:*:*:*:*:* |
ca | brightstor_arcserve_backup_agent | 11.0 | cpe:2.3:a:ca:brightstor_arcserve_backup_agent:11.0:*:sql:*:*:*:*:* |
ca | brightstor_arcserve_backup_agent | 11.1 | cpe:2.3:a:ca:brightstor_arcserve_backup_agent:11.1:*:sql:*:*:*:*:* |
lists.grok.org.uk/pipermail/full-disclosure/2006-November/050808.html
lists.grok.org.uk/pipermail/full-disclosure/2006-November/050814.html
secunia.com/advisories/23060
secunia.com/advisories/24512
securitytracker.com/id?1017268
supportconnectw.ca.com/public/storage/infodocs/babtapeng-securitynotice.asp
www.kb.cert.org/vuls/id/437300
www.securityfocus.com/archive/1/452222/100/0/threaded
www.securityfocus.com/archive/1/452318/100/0/threaded
www.securityfocus.com/archive/1/456711
www.securityfocus.com/bid/21221
www.vupen.com/english/advisories/2006/4654
www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=101317
www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34817
exchange.xforce.ibmcloud.com/vulnerabilities/30453