Stack overflow

2007-10-0120:17:00

PRIOn knowledge base

www.prio-n.com

8.2 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.945 High

EPSS

Percentile

99.2%

JSON

Multiple stack-based buffer overflows in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allow remote attackers to execute arbitrary code via a long (1) username or (2) password to the rxrLogin command in rxRPC.dll, or a long (3) username argument to the GetUserInfo function.

CPENameOperatorVersion
brightstor_arcserve_backup_laptops_desktopseq4.0
brightstor_arcserve_backup_laptops_desktopseq11.5
brightstor_arcserve_backup_laptops_desktopseq11.0
brightstor_arcserve_backup_laptops_desktopseq11.1
brightstor_arcserve_backup_laptops_desktopseq11.1 sp1
desktop_management_suiteeq11.2
desktop_management_suiteeq11.0
desktop_management_suiteeq11.1
protection_suiteseq2.0.114

Name	Operator	Version
brightstor_arcserve_backup_laptops_desktops	eq	4.0
brightstor_arcserve_backup_laptops_desktops	eq	11.5
brightstor_arcserve_backup_laptops_desktops	eq	11.0
brightstor_arcserve_backup_laptops_desktops	eq	11.1
brightstor_arcserve_backup_laptops_desktops	eq	11.1 sp1
desktop_management_suite	eq	11.2
desktop_management_suite	eq	11.0
desktop_management_suite	eq	11.1
protection_suites	eq	2.0.114