9 matches found
CA BrightStor ARCserve Backup Tape Engine RPC Code Execution (CVE-2007-0168)
There exists a vulnerability in Computer Associates BrightStor ARCserve Backup products. The flaw is due to a design weakness in the processing of RPC requests sent to the Tape Engine service. A remote unauthenticated attacker may leverage this vulnerability to inject and execute arbitrary code o...
Cross site request forgery (csrf)
Unspecified vulnerability in the tape engine service in asdbapi.dll in CA ARCserve Backup formerly BrightStor ARCserve Backup r11.1 through r12.0 allows remote attackers to cause a denial of service crash via a crafted request...
CVE-2008-4398
CVE-2008-4398 affects CA ARCserve Backup Tape Engine (asdbapi.dll) on Windows r11.1–r12.0. The issue is insufficient input validation in the Tape Engine service, allowing a remote attacker to trigger a denial-of-service (crash) by sending a crafted RPC message. Public advisories from CA identify ...
CA BrightStor ARCserve Backup Mediasvr.exe vulnerability
CA is aware that functional exploit code was publicized on March 30, 2007 for a CA BrightStor ARCserve Backup Mediasvr.exe vulnerability. We have verified that a high risk vulnerability does exist and we are now working on a patch to address the issue. CA recommends that BrightStor ARCserve Backu...
Buffer overflow
Multiple buffer overflows in Computer Associates CA BrightStor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Server/Business Protection Suite r2 allow remote attackers to execute arbitrary code via RPC requests with crafted data for opnums 1 0x2F and 2 0x75 in the a Message...
CVE-2007-0168
The Tape Engine service in Computer Associates CA BrightStor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Server/Business Protection Suite r2 allows remote attackers to execute arbitrary code via certain data in opnum 0xBF in an RPC request, which is directly executed...
CVE-2007-0169
Multiple buffer overflows in Computer Associates CA BrightStor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Server/Business Protection Suite r2 allow remote attackers to execute arbitrary code via RPC requests with crafted data for opnums 1 0x2F and 2 0x75 in the a Message...
CVE-2007-0168
CVE-2007-0168 affects the Tape Engine RPC service in CA BrightStor ARCserve Backup (versions 9.01–11.5, Enterprise Backup 10.5, CA Server/Business Protection Suite r2). The flaw arises from the RPC handler for opnum 0xBF, which directly executes user-supplied data, enabling remote attackers to ex...
CA BrightStor ARCserve Backup Tape Engine Code Execution Vulnerability
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Computer Associates BrightStor ARCserve Backup. User interaction is not required to exploit this vulnerability. The specific flaw exists in the handling of RPC requests to the Tape Engine service which...