26 matches found
Computer Associates Products Message Engine RPC Server Multiple Buffer Overflow Vulnerabilities (2)
No description provided by source. source: http://www.securityfocus.com/bid/20365/info Multiple Computer Associates products are prone to multiple buffer-overflow vulnerabilities because the applications using an affected library fail to properly bounds-check user-supplied input before copying it...
CVE-2007-5327
Stack-based buffer overflow in the RPC interface for the Message Engine mediasvr.exe in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a long argument in the 0x10d opnum...
CVE-2007-2772
1 caloggerd.exe camt70.dll and 2 mediasvr.exe catirpc.dll and rwxdr.dll in CA BrightStor Backup 11.5.2.0 SP2 allow remote attackers to cause a denial of service NULL dereference and application crash via a crafted RPC packet...
CA BrightStor Backup 11.5.2.0 Mediasvr.exe Denial of Service Exploit
No description provided by source. !/usr/bin/python Computer Associates CA Brightstor Backup Mediasvr.exe DoS catirpc.dll/rwxdr.dll Previously Unknown There is an issue with RPC operation 126 and the imported cactirpc.dll and rwxdr.dll. It looks as if Mediasvr.exe identifies a Bad Job Handle ...
CA BrightStor ARCserve Backup Mediasvr.exe and caloggerd.exe Vulnerabilities
Title: CA BrightStor ARCserve Backup Mediasvr.exe and caloggerd.exe Vulnerabilities Notice Date: 2007-05-16 CA is aware that two functional exploit code samples were publicized on May 16, 2007. These two denial of service exploits are associated with vulnerabilities in CA BrightStor ARCserve Back...
CA BrightStor Backup 11.5.2.0 Mediasvr.exe Denial of Service Exploit
No description provided by source. !/usr/bin/python Computer Associates CA Brightstor Backup Mediasvr.exe DoS catirpc.dll/rwxdr.dll Previously Unknown There is an issue with RPC operation 126 and the imported cactirpc.dll and rwxdr.dll. It looks as if Mediasvr.exe identifies a Bad Job Handle as...
CA BrightStor Backup 11.5.2.0 Mediasvr.exe Denial of Service Exploit
Exploit for unknown platform in category dos / poc ==================================================================== CA BrightStor Backup 11.5.2.0 Mediasvr.exe Denial of Service Exploit ==================================================================== !/usr/bin/python Computer Associates CA...
CA BrightStor Backup 11.5.2.0 - Mediasvr.exe Denial of Service
CA BrightStor Backup 11.5.2.0 - Mediasvr.exe Denial of Service !/usr/bin/python Computer Associates CA Brightstor Backup Mediasvr.exe DoS catirpc.dll/rwxdr.dll Previously Unknown There is an issue with RPC operation 126 and the imported cactirpc.dll and rwxdr.dll. It looks as if Mediasvr.exe...
CA BrightStor Backup 11.5.2.0 - 'Mediasvr.exe' Denial of Service
!/usr/bin/python Computer Associates CA Brightstor Backup Mediasvr.exe DoS catirpc.dll/rwxdr.dll Previously Unknown There is an issue with RPC operation 126 and the imported cactirpc.dll and rwxdr.dll. It looks as if Mediasvr.exe identifies a Bad Job Handle as seen in its log file. Log Message:...
Computer Associates BrightStor ARCserve Backup MediaSVR.EXE 191缓冲区溢出漏洞
Computer Associates BrightStor ARCserve Backup是一款企业级的备份解决方案。 Computer Associates BrightStor ARCserve Backup处理XDR过程的RPC数据存在设计错误,远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 Mediasvr.exe导入的多个DLL在处理使用XDR过程的RPC数据时存在设计错误。4个来自RPC报文的字节作为特殊地址处理(xdrhandlet data会经过多次位移动和字节反转),最后装载到ECX中,在NULL字节后至少8字节NULL的191 0xbf过程成为可利用条件:...
CA BrightStor ARCserve Backup Mediasvr.exe vulnerability
CA is aware that functional exploit code was publicized on March 30, 2007 for a CA BrightStor ARCserve Backup Mediasvr.exe vulnerability. We have verified that a high risk vulnerability does exist and we are now working on a patch to address the issue. CA recommends that BrightStor ARCserve Backu...
CVE-2007-1785
CVE-2007-1785 is a remote code execution vulnerability in CA BrightStor ARCserve Backup Media Server (mediasvr.exe) caused by improper handling of RPC SUN RPC requests (xdr_handle_t) in the Mediasvr service. It affects BrightStor ARCserve Backup Media Server components across multiple versions (n...
CA BrightStor Backup 11.5.2.0 (Mediasvr.exe) Remote Code Exploit
No description provided by source. !/usr/bin/python Computer Associates CA Brightstor Backup Mediasvr.exe Remote Code Exploit Previously Unknown There seems to be an design error in the handling of RPC data with xdr procedures across several .dll's imported by Mediasvr.exe. Four bytes from an RPC...
CA Brightstor Backup Mediasvr.exe Remote Code Vulnerability
Shirkdog Security Advisory SHK-004 Title: ------ Computer Associates CA Brightstor Backup Mediasvr.exe Remote Code Vulnerability Description of Application: --------------------------- http://www3.ca.com/solutions/ProductFamily.aspx?ID=115 Brightstor ARCserv Backup provides a complete, flexible a...
CA BrightStor Backup 11.5.2.0 - 'Mediasvr.exe' Remote Code
!/usr/bin/python Computer Associates CA Brightstor Backup Mediasvr.exe Remote Code Exploit Previously Unknown There seems to be an design error in the handling of RPC data with xdr procedures across several .dll's imported by Mediasvr.exe. Four bytes from an RPC packet are processed as a particul...
CA BrightStor Backup 11.5.2.0 - Mediasvr.exe Remote Code
CA BrightStor Backup 11.5.2.0 - Mediasvr.exe Remote Code !/usr/bin/python Computer Associates CA Brightstor Backup Mediasvr.exe Remote Code Exploit Previously Unknown There seems to be an design error in the handling of RPC data with xdr procedures across several .dll's imported by Mediasvr.exe...
CA BrightStor Backup 11.5.2.0 (Mediasvr.exe) Remote Code Exploit
Exploit for unknown platform in category remote exploits ================================================================ CA BrightStor Backup 11.5.2.0 Mediasvr.exe Remote Code Exploit ================================================================ !/usr/bin/python Computer Associates CA...
Computer Associates BrightStor ARCserve Backup MediaSVR.EXE远程缓冲区溢出漏洞
Computer Associates BrightStor ARCserve Backup是商业性质的企业级备份解决方案。 Computer Associates BrightStor ARCserve Backup包含的MediaSVR.EXE服务存在缓冲区溢出,远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 问题存在于SUNRPC接口中,其中用户定义的长度用于多个strncpy函数,当拷贝用户定义数据到固定大小的堆栈缓冲区时,可导致缓冲区溢出,精心构建提交数据可能以应用程序进程权限执行任意指令。 Computer Associates Server Protection...
Computer Associates BrightStor ARCserve Backup MediaSVR.EXE变种远程缓冲区溢出漏洞
Computer Associates BrightStor ARCserve Backup是商业性质的企业级备份解决方案。 Computer Associates BrightStor ARCserve Backup包含的MediaSVR.EXE服务存在缓冲区溢出,远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 漏洞是由于Mediasrv服务中处理SUNRPC接口中的RPC字符串存在缓冲区溢出,攻击者发送特殊构建的包到RPC接口可导致执行任意指令。 Computer Associates Server Protection Suite r2 Computer Associate...
CVE-2006-5171
Stack-based buffer overflow in the RPC interface in Mediasvr.exe in Computer Associates CA Brightstor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Protection Suites r2 allows remote attackers to execute arbitrary code via crafted SUNRPC packets, aka the "Mediasvr.exe Overflow...