Lucene search
K
CaArcserve Backup

11 matches found

CVE
CVE
added 2009/01/28 1:0 a.m.114 views

CVE-2009-0042

CVE-2009-0042 affects the Arclib library (arclib.dll) used by CA Security products. The vulnerability, described across CA Anti-Virus for Enterprise (7.1, r8, r8.1), Anti-Virus 2007 v8 and 2008, Internet Security Suite 2007 v3 and 2008, and other CA products, allows remote attackers to bypass vir...

10CVSS6.7AI score0.04268EPSS
CVE
CVE
added 2009/10/13 10:0 a.m.103 views

CVE-2009-3588

CVE-2009-3588 (and 3587) describe a DoS vulnerability in CA’s arclib component used by CA Anti-Virus for Enterprise and related CA products. A crafted RAR archive can trigger stack corruption (CVE-3588) and heap corruption (CVE-3587); CVE-3587 also notes possible arbitrary-code execution. Affecte...

4.3CVSS6.2AI score0.02394EPSS
CVE
CVE
added 2009/10/13 10:0 a.m.101 views

CVE-2009-3587

CA ARclib DoS vulnerabilities (CVE-2009-3587/3588) affect CA Anti-Virus for the Enterprise and related CA products; exploitation via crafted RAR archives can trigger heap or stack corruption and may lead to denial of service and possibly arbitrary code execution. Affected products listed include ...

9.3CVSS7.4AI score0.07605EPSS
CVE
CVE
added 2008/10/14 8:0 p.m.66 views

CVE-2008-4398

CVE-2008-4398 affects CA ARCserve Backup Tape Engine (asdbapi.dll) on Windows r11.1–r12.0. The issue is insufficient input validation in the Tape Engine service, allowing a remote attacker to trigger a denial-of-service (crash) by sending a crafted RPC message. Public advisories from CA identify ...

5CVSS6.3AI score0.08232EPSS
CVE
CVE
added 2009/06/16 11:0 p.m.65 views

CVE-2009-1761

The CVE-2009-1761 issue affects CA ARCserve Backup on Windows (r12.0 and r12.0 SP1) where the Message Engine crashes due to insufficient verification of RPC data. An unauthenticated remote attacker can send malformed RPC messages to trigger a denial of service. A patch (RO08383) and guidance from...

5CVSS6.9AI score0.02232EPSS
CVE
CVE
added 2008/10/14 8:0 p.m.58 views

CVE-2008-4397

CVE-2008-4397 is a directory traversal flaw in the RPC interface (asdbapi.dll) of CA ARCserve Backup (BrightStor ARCserve Backup) versions r11.1–r12.0. An unauthenticated remote attacker can craft RPC calls (opnum 0x10A) to traverse directories and execute arbitrary commands. Multiple connected s...

10CVSS7.3AI score0.80542EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.57 views

CVE-2000-0781

ARCServeIT Client Agent 6.62 is affected by a local privilege escalation vulnerability in uagentsetup, where the process does not properly verify the existence or ownership of a temporary file before it is moved to the agent.cfg configuration file. This enables local users to modify the temporary...

7.2CVSS7.6AI score0.00393EPSS
CVE
CVE
added 2008/10/14 8:0 p.m.55 views

CVE-2008-4399

CA ARCserve Backup DB Engine vulnerability CVE-2008-4399 affects the asdbapi.dll database engine service in CA ARCserve Backup r11.1–r12.0. The issue stems from insufficient validation of remote RPC requests, allowing remote unauthenticated attackers to cause a denial of service (crash) of the DB...

5CVSS6.3AI score0.08232EPSS
CVE
CVE
added 2008/10/14 8:0 p.m.50 views

CVE-2008-4400

CVE-2008-4400 affects CA ARCserve Backup (BrightStor ARCserve Backup) r11.1–r12.0. The vulnerability is in asdbapi.dll and stems from insufficient validation of authentication credentials, allowing remote attackers to cause a denial of service by crashing multiple services. Remediation is availab...

5CVSS6.7AI score0.03382EPSS
CVE
CVE
added 2008/12/11 3:0 p.m.49 views

CVE-2008-5415

CA ARCserve Backup on Windows (LDBserver) across versions 11.1, 11.5, and 12.0 is affected. The vulnerability stems from insufficient verification of handle_t arguments passed to an RPC endpoint, where the handle refers to an incompatible procedure, enabling remote code execution or service crash...

10CVSS7.5AI score0.08317EPSS
CVE
CVE
added 2002/05/03 4:0 a.m.44 views

CVE-2001-1346

ARCserveIT 6.61 and 6.63 (ARCservIT) are affected by a local vulnerability where an attacker can overwrite arbitrary files via a symlink attack on temporary files (asagent.tmp or inetd.tmp). The underlying issue is insecure handling of temporary files leading to local privilege impact with partia...

1.2CVSS6.8AI score0.00606EPSS