Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
Test ID: | 1.3.6.1.4.1.25623.1.0.102018 |
Category: | Buffer overflow |
Title: | CA ARCserve Backup Multiple Buffer Overflow Vulnerabilities |
Summary: | Multiple stack-based buffer overflows in CA (Computer Associates); BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allow remote attackers to; execute arbitrary code via a long (1) username or (2) password to the rxrLogin command in rxRPC.dll,; or a long (3) username argument to the GetUserInfo function. |
Description: | Summary: Multiple stack-based buffer overflows in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allow remote attackers to execute arbitrary code via a long (1) username or (2) password to the rxrLogin command in rxRPC.dll, or a long (3) username argument to the GetUserInfo function. Solution: The vendor released an advisory and updates to address these issues. Please see the references for more information. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C |
Cross-Ref: |
BugTraq ID: 24348 Common Vulnerability Exposure (CVE) ID: CVE-2007-5003 http://www.securityfocus.com/bid/24348 Bugtraq: 20070921 [CAID 35673, 35674, 35675, 35676, 35677]: CA ARCserve Backup for Laptops and Desktops Multiple Server Vulnerabilities (Google Search) http://www.securityfocus.com/archive/1/480252/100/100/threaded eEye Security Advisory: 20070920 Multiple Vulnerabilities in CA ARCserve for Laptops & Desktops http://research.eeye.com/html/advisories/published/AD20070920.html http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599 http://www.securitytracker.com/id?1018728 http://secunia.com/advisories/25606 |
Copyright | Copyright (C) 2010 LSS |
This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |