Lucene search
K
BroadcomArcserve Backup

12 matches found

CVE
CVE
added 2009/10/13 10:0 a.m.102 views

CVE-2009-3588

CVE-2009-3588 (and 3587) describe a DoS vulnerability in CA’s arclib component used by CA Anti-Virus for Enterprise and related CA products. A crafted RAR archive can trigger stack corruption (CVE-3588) and heap corruption (CVE-3587); CVE-3587 also notes possible arbitrary-code execution. Affecte...

4.3CVSS6.2AI score0.02394EPSS
CVE
CVE
added 2008/10/14 8:0 p.m.66 views

CVE-2008-4398

CVE-2008-4398 affects CA ARCserve Backup Tape Engine (asdbapi.dll) on Windows r11.1–r12.0. The issue is insufficient input validation in the Tape Engine service, allowing a remote attacker to trigger a denial-of-service (crash) by sending a crafted RPC message. Public advisories from CA identify ...

5CVSS6.3AI score0.08232EPSS
CVE
CVE
added 2012/03/22 1:0 a.m.63 views

CVE-2012-1662

CA ARCserve Backup for Windows is affected by CVE-2012-1662, allowing a remote attacker to cause a denial of service (service shutdown) via a crafted network request. Affected versions are CA ARCserve Backup for Windows r12.0 through SP2, r12.5 before SP2, r15 through SP1, and r16 before SP1. Mit...

5CVSS6.8AI score0.02194EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.58 views

CVE-1999-1322

The CVE concerns the installation of 1ArcServe Backup and Inoculan AV client modules for Exchange, which can create a log file exchverify.log that stores usernames and passwords in plaintext. Affected components: the Exchange-related client modules for 1ArcServe Backup and Inoculan AV. Underlying...

4.6CVSS7.4AI score0.01503EPSS
CVE
CVE
added 2008/10/14 8:0 p.m.58 views

CVE-2008-4397

CVE-2008-4397 is a directory traversal flaw in the RPC interface (asdbapi.dll) of CA ARCserve Backup (BrightStor ARCserve Backup) versions r11.1–r12.0. An unauthenticated remote attacker can craft RPC calls (opnum 0x10A) to traverse directories and execute arbitrary commands. Multiple connected s...

10CVSS7.3AI score0.80542EPSS
CVE
CVE
added 2008/10/14 8:0 p.m.55 views

CVE-2008-4399

CA ARCserve Backup DB Engine vulnerability CVE-2008-4399 affects the asdbapi.dll database engine service in CA ARCserve Backup r11.1–r12.0. The issue stems from insufficient validation of remote RPC requests, allowing remote unauthenticated attackers to cause a denial of service (crash) of the DB...

5CVSS6.3AI score0.08232EPSS
CVE
CVE
added 2003/04/02 5:0 a.m.54 views

CVE-2001-0960

ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 store the backup agent username and password in cleartext in the aremote.dmp file on the ARCSERVE$ hidden share. The Nessus plugin item ARCSERVE_HIDDEN_SHARE.NASL confirms the ARCSERVE$ share is accessible and that multiple ARCserve versions retain ...

10CVSS7AI score0.03364EPSS
CVE
CVE
added 2003/04/02 5:0 a.m.52 views

CVE-2001-0959

The CVE-2001-0959 entry concerns Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0, which create a hidden administrative share named ARCSERVE$. This behavior enables remote attackers to access sensitive information and to overwrite critical files. The vulnerability is described ...

6.4CVSS6.7AI score0.02973EPSS
CVE
CVE
added 2008/10/14 8:0 p.m.50 views

CVE-2008-4400

CVE-2008-4400 affects CA ARCserve Backup (BrightStor ARCserve Backup) r11.1–r12.0. The vulnerability is in asdbapi.dll and stems from insufficient validation of authentication credentials, allowing remote attackers to cause a denial of service by crashing multiple services. Remediation is availab...

5CVSS6.7AI score0.03382EPSS
CVE
CVE
added 2008/12/11 3:0 p.m.49 views

CVE-2008-5415

CA ARCserve Backup on Windows (LDBserver) across versions 11.1, 11.5, and 12.0 is affected. The vulnerability stems from insufficient verification of handle_t arguments passed to an RPC endpoint, where the handle refers to an incompatible procedure, enabling remote code execution or service crash...

10CVSS7.5AI score0.08317EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.47 views

CVE-1999-1049

ARCserve NT agents authenticate using a weak XOR scheme for passwords. The vulnerability allows remote attackers to sniff the authentication request sent to port 6050 and decrypt the password, leading to potential unauthorized access and confidentiality/ integrity impact as described in the CVE e...

10CVSS7.4AI score0.01759EPSS
CVE
CVE
added 2002/05/03 4:0 a.m.44 views

CVE-2001-1346

ARCserveIT 6.61 and 6.63 (ARCservIT) are affected by a local vulnerability where an attacker can overwrite arbitrary files via a symlink attack on temporary files (asagent.tmp or inetd.tmp). The underlying issue is insecure handling of temporary files leading to local privilege impact with partia...

1.2CVSS6.8AI score0.00606EPSS