11 matches found
CVE-2009-0042
CVE-2009-0042 affects the Arclib library (arclib.dll) used by CA Security products. The vulnerability, described across CA Anti-Virus for Enterprise (7.1, r8, r8.1), Anti-Virus 2007 v8 and 2008, Internet Security Suite 2007 v3 and 2008, and other CA products, allows remote attackers to bypass vir...
CVE-2009-3588
CVE-2009-3588 (and 3587) describe a DoS vulnerability in CA’s arclib component used by CA Anti-Virus for Enterprise and related CA products. A crafted RAR archive can trigger stack corruption (CVE-3588) and heap corruption (CVE-3587); CVE-3587 also notes possible arbitrary-code execution. Affecte...
CVE-2009-3587
CA ARclib DoS vulnerabilities (CVE-2009-3587/3588) affect CA Anti-Virus for the Enterprise and related CA products; exploitation via crafted RAR archives can trigger heap or stack corruption and may lead to denial of service and possibly arbitrary code execution. Affected products listed include ...
CVE-2008-4398
CVE-2008-4398 affects CA ARCserve Backup Tape Engine (asdbapi.dll) on Windows r11.1–r12.0. The issue is insufficient input validation in the Tape Engine service, allowing a remote attacker to trigger a denial-of-service (crash) by sending a crafted RPC message. Public advisories from CA identify ...
CVE-2009-1761
The CVE-2009-1761 issue affects CA ARCserve Backup on Windows (r12.0 and r12.0 SP1) where the Message Engine crashes due to insufficient verification of RPC data. An unauthenticated remote attacker can send malformed RPC messages to trigger a denial of service. A patch (RO08383) and guidance from...
CVE-2008-4397
CVE-2008-4397 is a directory traversal flaw in the RPC interface (asdbapi.dll) of CA ARCserve Backup (BrightStor ARCserve Backup) versions r11.1–r12.0. An unauthenticated remote attacker can craft RPC calls (opnum 0x10A) to traverse directories and execute arbitrary commands. Multiple connected s...
CVE-2000-0781
ARCServeIT Client Agent 6.62 is affected by a local privilege escalation vulnerability in uagentsetup, where the process does not properly verify the existence or ownership of a temporary file before it is moved to the agent.cfg configuration file. This enables local users to modify the temporary...
CVE-2008-4399
CA ARCserve Backup DB Engine vulnerability CVE-2008-4399 affects the asdbapi.dll database engine service in CA ARCserve Backup r11.1–r12.0. The issue stems from insufficient validation of remote RPC requests, allowing remote unauthenticated attackers to cause a denial of service (crash) of the DB...
CVE-2008-4400
CVE-2008-4400 affects CA ARCserve Backup (BrightStor ARCserve Backup) r11.1–r12.0. The vulnerability is in asdbapi.dll and stems from insufficient validation of authentication credentials, allowing remote attackers to cause a denial of service by crashing multiple services. Remediation is availab...
CVE-2008-5415
CA ARCserve Backup on Windows (LDBserver) across versions 11.1, 11.5, and 12.0 is affected. The vulnerability stems from insufficient verification of handle_t arguments passed to an RPC endpoint, where the handle refers to an incompatible procedure, enabling remote code execution or service crash...
CVE-2001-1346
ARCserveIT 6.61 and 6.63 (ARCservIT) are affected by a local vulnerability where an attacker can overwrite arbitrary files via a symlink attack on temporary files (asagent.tmp or inetd.tmp). The underlying issue is insecure handling of temporary files leading to local privilege impact with partia...