Test ID: 1.3.6.1.4.1.25623.1.0.102018
Category: Buffer overflow
Title: CA ARCserve Backup Multiple Buffer Overflow Vulnerabilities
Summary: Multiple stack-based buffer overflows in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allow remote attackers to execute arbitrary code via a long (1) username or (2) password to the rxrLogin command in rxRPC.dll, or a long (3) username argument to the GetUserInfo function.
Description:
Summary:
Multiple stack-based buffer overflows in CA (Computer Associates)
BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allow remote attackers to
execute arbitrary code via a long (1) username or (2) password to the rxrLogin command in rxRPC.dll,
or a long (3) username argument to the GetUserInfo function.

Solution:
The vendor released an advisory and updates to address these issues.
Please see the references for more information.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: BugTraq ID: 24348
Common Vulnerability Exposure (CVE) ID: CVE-2007-5003
http://www.securityfocus.com/bid/24348
Bugtraq: 20070921 [CAID 35673, 35674, 35675, 35676, 35677]: CA ARCserve Backup for Laptops and Desktops Multiple Server Vulnerabilities
http://www.securityfocus.com/archive/1/480252/100/100/threaded
eEye Security Advisory: 20070920 Multiple Vulnerabilities in CA ARCserve for Laptops & Desktops
http://research.eeye.com/html/advisories/published/AD20070920.html
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599
http://www.securitytracker.com/id?1018728
http://secunia.com/advisories/25606
Copyright: Copyright (C) 2010 LSS

© 1998-2024 E-Soft Inc. All rights reserved.