VYPR

Brightstor Arcserve Backup

by Broadcom Corporation

CVEs (63)

  • CVE-2007-5326Oct 13, 2007
    risk 0.01cvss epss 0.12

    Multiple buffer overflows in (1) RPC and (2) rpcx.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors.

  • CVE-2007-5004Oct 1, 2007
    risk 0.01cvss epss 0.09

    Integer overflow in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows remote attackers to execute arbitrary code via a long username and a certain "useless" password.

  • CVE-2007-3825Jul 18, 2007
    risk 0.01cvss epss 0.14

    Multiple stack-based buffer overflows in the RPC implementation in alert.exe before 8.0.255.0 in CA (formerly Computer Associates) Alert Notification Server, as used in Threat Manager for the Enterprise, Protection Suites, certain BrightStor ARCserve products, and BrightStor…

  • CVE-2007-1447Mar 16, 2007
    risk 0.01cvss epss 0.14

    The Tape Engine in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain RPC procedure arguments, which result in memory corruption, a different…

  • CVE-2006-5172Jan 16, 2007
    risk 0.01cvss epss 0.15

    Stack-based buffer overflow in the RPC interface in Mediasvr.exe in Computer Associates (CA) Brightstor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Protection Suites r2 allows remote attackers to execute arbitrary code via crafted SUNRPC packets, aka the…

  • CVE-2006-5171Jan 16, 2007
    risk 0.01cvss epss 0.16

    Stack-based buffer overflow in the RPC interface in Mediasvr.exe in Computer Associates (CA) Brightstor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Protection Suites r2 allows remote attackers to execute arbitrary code via crafted SUNRPC packets, aka the…

  • CVE-2006-5142Oct 10, 2006
    risk 0.01cvss epss 0.12

    Stack-based buffer overflow in CA BrightStor ARCserve Backup R11.5 client and server allows remote attackers to execute arbitrary code via long messages to the CheyenneDS Mailslot.

  • CVE-2005-3653Dec 31, 2005
    risk 0.01cvss epss 0.19

    Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field.

  • CVE-2012-1662Mar 22, 2012
    risk 0.00cvss epss 0.02

    CA ARCserve Backup r12.0 through SP2, r12.5 before SP2, r15 through SP1, and r16 before SP1 on Windows allows remote attackers to cause a denial of service (service shutdown) via a crafted network request.

  • CVE-2009-3588Oct 13, 2009
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and…

  • CVE-2008-4400Oct 14, 2008
    risk 0.00cvss epss 0.03

    Unspecified vulnerability in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash of multiple services) via crafted authentication credentials, related to "insufficient validation."

  • CVE-2007-5329Oct 13, 2007
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in dbasvr in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, has unknown impact and attack vectors related to memory corruption.

  • CVE-2007-5005Oct 1, 2007
    risk 0.00cvss epss 0.05

    Directory traversal vulnerability in rxRPC.dll in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows remote attackers to upload and overwrite arbitrary files via a ..\ (dot dot backslash) sequence in the destination filename…

  • CVE-2007-3875Jul 26, 2007
    risk 0.00cvss epss 0.04

    arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid "previous listing chunk number" field in a CHM file.

  • CVE-2007-1448Mar 16, 2007
    risk 0.00cvss epss 0.01

    The Tape Engine in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier allows remote attackers to cause a denial of service (disabled interface) by calling an unspecified RPC function.

  • CVE-2007-0672Feb 3, 2007
    risk 0.00cvss epss 0.03

    LGSERVER.EXE in BrightStor Mobile Backup 4.0 allows remote attackers to cause a denial of service (disk consumption and daemon hang) via a value of 0xFFFFFF7F at a certain point in an authentication negotiation packet, which writes a large amount of data to a .USX file in…

  • CVE-2007-0673Feb 3, 2007
    risk 0.00cvss epss 0.03

    LGSERVER.EXE in BrightStor ARCserve Backup for Laptops & Desktops r11.1 allows remote attackers to cause a denial of service (daemon crash) via a value of 0xFFFFFFFF at a certain point in an authentication negotiation packet, which results in an out-of-bounds read.

  • CVE-2006-0307Jan 19, 2006
    risk 0.00cvss epss 0.04

    The DM Primer in the DM Deployment Common Component in Computer Associates (CA) BrightStor Mobile Backup r4.0, BrightStor ARCserve Backup for Laptops & Desktops r11.0, r11.1, r11.1 SP1, Unicenter Remote Control 6.0, 6.0 SP1, CA Desktop Protection Suite r2, CA Server Protection…

  • CVE-2005-0349May 2, 2005
    risk 0.00cvss epss 0.03

    The production release of the UniversalAgent for UNIX in BrightStor ARCserve Backup 11.1 contains hard-coded credentials, which allows remote attackers to access the file system and possibly execute arbitrary commands.

  • CVE-2001-0959Sep 15, 2001
    risk 0.00cvss epss 0.03

    Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 creates a hidden share named ARCSERVE$, which allows remote attackers to obtain sensitive information and overwrite critical files.