Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:93F3B7F6C1309A4DA573F9C4A7C93E79
HistoryFeb 09, 2007 - 12:00 a.m.

BrightStor ARCserve Backup Tape Engine opnum 0xCF buffer overflow

2007-02-0900:00:00
SAINT Corporation
download.saintcorporation.com
16

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.943 High

EPSS

Percentile

99.2%

JSON

Added: 02/09/2007
CVE: CVE-2007-0169
BID: 22005
OSVDB: 31327

Background

The BrightStor ARCserve Backup server includes a Backup Tape Engine feature which allows use of tape drives for storage.

Problem

A buffer overflow in BrightStor ARCserve Backup allows remote attackers to execute arbitrary commands by sending a specially crafted request with opnum 0xCF to the Tape Engine RPC service.

Resolution

Apply one of the fixes referenced in the Security Notice.

References

<http://www.zerodayinitiative.com/advisories/ZDI-07-004.html&gt;

Limitations

Exploit works on BrightStor ARCserve Backup r11.5 SP2.

Platforms

Windows

Related

saint 11
securityvulns 4
zdi 2
cve 1
checkpoint_advisories 3
packetstorm 1
prion 1
cert 2
nessus 2
saint
saint
BrightStor ARCserve Message Engine opnum 0x2f buffer overflow
2007-01-19 00:00:00
BrightStor ARCserve Message Engine opnum 0x75 buffer overflow
2007-01-24 00:00:00
BrightStor ARCserve Message Engine opnum 0x2f buffer overflow
2007-01-19 00:00:00
securityvulns
securityvulns
ZDI-07-003: CA BrightStor ARCserve Backup Message Engine Buffer Overflow Vulnerability
2007-01-12 00:00:00
ZDI-07-004: CA BrightStor ARCserve Backup Tape Engine Buffer Overflow Vulnerability
2007-01-12 00:00:00
[CAID 34955, 34956, 34957, 34958, 34959, 34817]: CA BrightStor ARCserve Backup Multiple Overflow Vulnerabilities
2007-01-12 00:00:00
zdi
zdi
CA BrightStor ARCserve Backup Message Engine Buffer Overflow Vulnerability
2007-01-11 00:00:00
CA BrightStor ARCserve Backup Tape Engine Buffer Overflow Vulnerability
2007-01-11 00:00:00
cve
cve
CVE-2007-0169
2007-01-11 22:28:00
checkpoint_advisories
checkpoint_advisories
CA BrightStor ARCserve Backup Message Engine Opcode 47 Buffer Overflow (CVE-2007-0169)
2009-10-12 00:00:00
CA BrightStor ARCserve Backup Message Engine Opcode 117 Buffer Overflow (CVE-2007-0169)
2009-10-13 00:00:00
CA BrightStor ARCserve Backup Tape Engine RPC Opcode 207 Buffer Overflow (CVE-2007-0169)
2010-08-29 00:00:00
packetstorm
packetstorm
CA BrightStor ARCserve Message Engine Buffer Overflow
2009-11-26 00:00:00
prion
prion
Buffer overflow
2007-01-11 22:28:00
cert
cert
CA BrightStor ARCserve Backup Tape Engine RPC buffer overflow
2007-01-12 00:00:00
CA BrightStor ARCserve Backup Message Engine RPC buffer overflow
2007-01-12 00:00:00
nessus
nessus
CA BrightStor ARCserve Backup Tape Engine Multiple Remote Overflows (QO84983)
2007-01-12 00:00:00
CA BrightStor ARCserve Backup Multiple Vulnerabilities (QO84983)
2007-01-15 00:00:00

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.943 High

EPSS

Percentile

99.2%

JSON
Related for SAINT:93F3B7F6C1309A4DA573F9C4A7C93E79
saint11securityvulns4zdi2cve1checkpoint_advisories3packetstorm1prion1cert2nessus2