Lucene search
SAINT CorporationSAINT:0C33724A78F4332F2A99E64060086A75HistoryDec 26, 2006 - 12:00 a.m.
BrightStor ARCserve Backup Tape Engine ReserveGroup buffer overflow
2006-12-2600:00:00
SAINT Corporation
download.saintcorporation.com
16
0.298 Low
EPSS
Percentile
96.9%
Added: 12/26/2006
CVE: CVE-2006-6076
BID: 21221
OSVDB: 30637
Background
The BrightStor ARCserve Backup server includes a Backup Tape Engine feature which allows use of tape drives for storage.
Problem
A buffer overflow vulnerability in the RPC ReserveGroup function allows remote attackers to execute arbitrary commands with SYSTEM privileges by sending a malformed RPC request to port 6502/TCP.
Resolution
Apply one of the updates referenced in the Security Notice.
References
<http://www.kb.cert.org/vuls/id/437300>
<http://secunia.com/advisories/23060>
Limitations
Exploit works on BrightStor ARCserve Backup 11.5.
Platforms
Windows
Related
saint
saint
BrightStor ARCserve Backup Tape Engine GetGroupStatus buffer overflow
2006-12-22 00:00:00
BrightStor ARCserve Backup Tape Engine GetGroupStatus buffer overflow
2006-12-22 00:00:00
BrightStor ARCserve Backup Tape Engine ReserveGroup buffer overflow
2006-12-26 00:00:00
cert
cert
checkpoint_advisories
checkpoint_advisories
CA BrightStor Tape Engine Buffer Overflow - Ver2 (CVE-2006-6076)
2014-04-16 00:00:00
cvelist
cvelist
CVE-2006-6076
2006-11-24 17:00:00
CVE-2007-1447
2007-03-16 23:00:00
packetstorm
packetstorm
CA BrightStor ARCserve Tape Engine Buffer Overflow
2009-11-26 00:00:00
cve
cve
CVE-2006-6076
2006-11-24 17:07:00
CVE-2007-1447
2007-03-16 23:19:00
prion
prion
Memory corruption
2007-03-16 23:19:00
nessus
nessus
securityvulns
securityvulns
[CAID 34817, 35058, 35158, 35159]: CA BrightStor ARCserve Backup Tape Engine and Portmapper Vulnerabilities
2007-03-17 00:00:00
[CAID 34955, 34956, 34957, 34958, 34959, 34817]: CA BrightStor ARCserve Backup Multiple Overflow Vulnerabilities
2007-01-12 00:00:00
Brightstor ArcServe Backup buffer overflow
2007-04-01 00:00:00