Arcserve Backup Security Vulnerabilities and Issues — Arcserve Backup CVE List

Lucene search

BroadcomArcserve Backup

12 matches found

CVE•added 2009/10/13 10:30 a.m.•83 views

CVE-2009-3588

Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows...

4.3CVSS6.2AI score0.08216EPSS

CVE•added 2012/03/22 3:28 a.m.•51 views

CVE-2012-1662

CA ARCserve Backup r12.0 through SP2, r12.5 before SP2, r15 through SP1, and r16 before SP1 on Windows allows remote attackers to cause a denial of service (service shutdown) via a crafted network request.

5CVSS6.8AI score0.0182EPSS

CVE•added 2008/10/14 9:10 p.m.•50 views

CVE-2008-4398

Unspecified vulnerability in the tape engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request.

5CVSS6.3AI score0.02376EPSS

CVE•added 2008/10/14 9:10 p.m.•47 views

CVE-2008-4397

Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a .. (dot dot) in an RPC call with opnum 0x10A.

10CVSS7.3AI score0.85816EPSS

CVE•added 2001/09/12 4:0 a.m.•42 views

CVE-1999-1322

The installation of 1ArcServe Backup and Inoculan AV client modules for Exchange create a log file, exchverify.log, which contains usernames and passwords in plaintext.

4.6CVSS7.4AI score0.00812EPSS

CVE•added 2003/04/02 5:0 a.m.•41 views

CVE-2001-0959

Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 creates a hidden share named ARCSERVE$, which allows remote attackers to obtain sensitive information and overwrite critical files.

6.4CVSS6.7AI score0.00874EPSS

CVE•added 2008/10/14 9:10 p.m.•41 views

CVE-2008-4399

Unspecified vulnerability in the database engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request, related to "insufficient validation."

5CVSS6.3AI score0.02376EPSS

CVE•added 2003/04/02 5:0 a.m.•39 views

CVE-2001-0960

Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 stores the backup agent user name and password in cleartext in the aremote.dmp file in the ARCSERVE$ hidden share, which allows local and remote attackers to gain privileges.

10CVSS7AI score0.01155EPSS

CVE•added 2008/12/11 3:30 p.m.•38 views

CVE-2008-5415

The LDBserver service in the server in CA ARCserve Backup 11.1 through 12.0 on Windows allows remote attackers to execute arbitrary code via a handle_t argument to an RPC endpoint in which the argument refers to an incompatible procedure.

10CVSS7.5AI score0.15626EPSS

CVE•added 2008/10/14 9:10 p.m.•37 views

CVE-2008-4400

Unspecified vulnerability in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash of multiple services) via crafted authentication credentials, related to "insufficient validation."

5CVSS6.7AI score0.02553EPSS

CVE•added 2001/09/12 4:0 a.m.•36 views

CVE-1999-1049

ARCserve NT agents use weak encryption (XOR) for passwords, which allows remote attackers to sniff the authentication request to port 6050 and decrypt the password.

10CVSS7.4AI score0.00456EPSS

CVE•added 2002/05/03 4:0 a.m.•32 views

CVE-2001-1346

Computer Associates ARCserveIT 6.61 and 6.63 (also called ARCservIT) allows local users to overwrite arbitrary files via a symlink attack on the temporary files (1) asagent.tmp or (2) inetd.tmp.

1.2CVSS6.8AI score0.00226EPSS