Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiDamian PutZDI-08-026
HistoryMay 19, 2008 - 12:00 a.m.

CA BrightStor ARCserve Backup XDR Parsing Buffer Overflow Vulnerability

2008-05-1900:00:00
Damian Put
www.zerodayinitiative.com
23

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.915 High

EPSS

Percentile

98.9%

JSON

This vulnerability allws attackers to execute arbitrary code on vulnerable installations of CA BrightStor ARCserve Backup for Linux. User interaction is not required to exploit this vulnerability. The specific flaw exists due to improper bounds checking in the xdr_rwsstring() library function. By sending a long parameter into a daemon using this function to process strings, a stack based buffer overflow occurs, leading to execution of arbitrary code.

Related

checkpoint_advisories 3
saint 8
prion 1
cve 1
securityvulns 3
nessus 1
seebug 1
checkpoint_advisories
checkpoint_advisories
CA BrightStor ARCserve Backup XDR Parsing Buffer Overflow (CVE-2008-2242)
2010-04-08 00:00:00
CA BrightStor ARCserve Backup caloggerd Opcode 79 Stack Buffer Overflow (CVE-2008-2242)
2009-12-13 00:00:00
Update Protection against CA BrightStor ARCserve Backup XDR Parsing Buffer Overflow Vulnerability
2008-07-08 00:00:00
saint
saint
CA ARCserve Backup caloggerd opcode 79 buffer overflow
2008-05-30 00:00:00
CA ARCserve Backup xdr_rwsstring buffer overflow
2008-05-27 00:00:00
CA ARCserve Backup xdr_rwsstring buffer overflow
2008-05-27 00:00:00
prion
prion
Stack overflow
2008-05-21 13:24:00
cve
cve
CVE-2008-2242
2008-05-21 13:24:00
securityvulns
securityvulns
ZDI-08-026: CA BrightStor ARCserve Backup Remote Buffer Overflow
2008-05-20 00:00:00
CA ARCserve Backup caloggerd and xdr Functions Vulnerabilities
2008-05-20 00:00:00
CA BrightStor ARCserve Backup multiple security vulnerabilities
2008-05-20 00:00:00
nessus
nessus
CA BrightStor ARCserve Backup Multiple Vulnerabilities (QO92996)
2008-05-22 00:00:00
seebug
seebug
CA ARCserve Backup caloggerd和xdr函数目录遍历及栈溢出漏洞
2008-05-21 00:00:00

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.915 High

EPSS

Percentile

98.9%

JSON
Related for ZDI-08-026
checkpoint_advisories3saint8prion1cve1securityvulns3nessus1seebug1