19 matches found
CVE-2007-2863
CVE-2007-2863 is a stack-based buffer overflow in the CA Anti-Virus engine (and related CA products) caused by insufficient bounds checking on filenames in CAB archives. A remote attacker can trigger the overflow via a long filename in a CAB file, potentially executing arbitrary code. Affected pr...
CVE-2006-6379
CVE-2006-6379 affects the BrightStor ARCserve Backup Discovery Service. A buffer overflow in the ASBRDCST.DLL discovery component allows remote attackers to execute arbitrary code via specially crafted packets sent to the Discovery Service. Affected products include BrightStor ARCserve Backup (r1...
CVE-2005-1272
CVE-2005-1272 is a stack-based buffer overflow in BrightStor ARCserve Backup Agent for Microsoft SQL Server (11.0). The vulnerability allows remote code execution by sending a long string to ports 6070 or 6050; root cause is a boundary/stack overflow in the agent. Remediation guidance present in ...
CVE-2006-5143
CVE-2006-5143 affects Computer Associates BrightStor ARCserve Backup and related Protection Suite products. The vulnerabilities are buffer overflows in multiple components: the Backup Agent RPC Server (DBASVR.exe) via RPC opcodes 0x01/0x02/0x18 on TCP 6071; the Message Engine RPC Server (msgeng.e...
CVE-2007-3875
CVE-2007-3875 : A DoS in CA/ eTrust Antivirus products caused by arclib.dll when processing a malformed CHM file. An invalid “previous listing chunk number” in CHM triggers an infinite loop, halting antivirus functionality. Affected CA products include CA Anti-Virus for the Enterprise (formerly e...
CVE-2007-5328
CA BrightStor ARCserve Backup (Message Engine RPC) contains CVE-2007-5328: insecure privileged function exposure through RPC calls in the Message Engine service. A remote attacker can modify the file system and registry and potentially take full control of affected systems. Affected products incl...
CVE-2007-0168
CVE-2007-0168 affects the Tape Engine RPC service in CA BrightStor ARCserve Backup (versions 9.01–11.5, Enterprise Backup 10.5, CA Server/Business Protection Suite r2). The flaw arises from the RPC handler for opnum 0xBF, which directly executes user-supplied data, enabling remote attackers to ex...
CVE-2005-2535
CVE-2005-2535 is a buffer overflow in the CA BrightStor ARCserve Backup Discovery Service (versions 9.0–11.1) that allows remote attackers to execute arbitrary commands via a large packet sent to TCP port 41523. The Connected documents confirm exploit context via public PoCs and Metasploit/Exploi...
CVE-2007-5327
The CVE-2007-5327 issue is a stack-based overflow in the CA BrightStor ARCserve Backup Message Engine RPC interface (mediasvr.exe) that can allow remote code execution via opnum 0x10d. Affected products include BrightStor ARCserve Backup from v9.01 to R11.5 and BrightStor Enterprise Backup r10.5,...
CVE-2006-5171
CVE-2006-5171 is a stack-based buffer overflow in the SUN RPC interface of Mediasvr.exe used by CA Brightstor ARCserve Backup (9.01–11.5), Enterprise Backup 10.5, and CA Protection Suites r2. The flaw allows remote attackers to execute arbitrary code via crafted SUNRPC packets. Related entries (e...
CVE-2007-0169
CA BrightStor ARCserve Backup (including Tape Engine and Message Engine RPC services) contains buffer overflow vulnerabilities triggered by crafted RPC requests. The flaws arise from insufficient validation of user-supplied data in RPC messages, permitting remote, unauthenticated attackers to pot...
CVE-2006-5172
The CVE-2006-5172 entry covers a stack-based buffer overflow in the SUN RPC service (SUNRPC interface) of Mediasvr.exe within CA Brightstor ARCserve Backup 9.01–11.5, CA Enterprise Backup 10.5, and CA Protection Suites r2. The underlying flaw is a buffer overflow triggered by crafted SUNRPC packe...
CVE-2007-3825
CA Alert Notification Server (alert.exe) is affected by multiple stack-based buffer overflows in its RPC handling, prior to version 8.0.255.0, used across Threat Manager for the Enterprise, Protection Suites, BrightStor ARCserve Backup, and BrightStor Enterprise Backup. The vulnerabilities allow ...
CVE-2007-5332
CA BrightStor ARCserve Backup contains multiple remote vulnerabilities (including CVE-2007-5332) affecting mediasvr and caloggerd across versions 9.01–11.5 and Enterprise Backup r10.5. The issues stem from memory corruption in RPC argument processing, enabling a remote attacker to cause denial of...
CVE-2007-5330
CVE-2007-5330 affects CA BrightStor ARCserve Backup and BrightStor Enterprise Backup on Windows. The cadbd RPC service is vulnerable to remote code execution via stack-based buffer overflows in unspecified RPC procedures, and to memory corruption from handling of RPC arguments as pointers. Exploi...
CVE-2007-5331
CVE-2007-5331 affects CA BrightStor ARCserve Backup and BrightStor Enterprise Backup. The vulnerability lies in queue.dll used by the message queuing service (LQserver.exe), where a malformed ONRPC request for operation 0x76 can cause memory corruption in lqserver/media services, enabling remote ...
CVE-2007-5329
CVE-2007-5329 describes a memory corruption vulnerability in CA BrightStor ARCserve Backup components (notably dbasvr.exe and related RPC/server processes) across multiple versions (v9.01 through R11.5, and Enterprise Backup r10.5). The root cause is memory corruption during processing of RPC/arg...
CVE-2007-5325
CVE-2007-5325 and related CVEs describe multiple remote vulnerabilities in CA BrightStor ARCserve Backup and BrightStor Enterprise Backup (v9.01–R11.5, Enterprise Backup r10.5, and related Windows components). The core issues include: (1) buffer overflows in the Message Engine and AScore.dll, and...
CVE-2007-5326
CA BrightStor ARCserve Backup contains multiple remote vulnerabilities (CVE-2007-5326 among others) due to RPC string/buffer overflows in components such as RPC and rpcx.dll. A remote attacker could potentially execute arbitrary code on affected systems (Windows platforms) by manipulating RPC inp...