| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Multiple command handlers in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 do not verify if a peer is authenticated, which allows remote attackers to add and delete users, and start client restores. |
| Multiple buffer overflows in CA BrightStor ARCserve Backup r11.5 SP1 and earlier, r11.1, and 9.01; BrightStor ARCserve Backup for Windows r11; BrightStor Enterprise Backup 10.5; Server Protection Suite r2; and Business Protection Suite r2 allow remote attackers to execute arbitrary code via crafted data on TCP port 6071 to the Backup Agent RPC Server (DBASVR.exe) using the RPC routines with opcode (1) 0x01, (2) 0x02, or (3) 0x18; invalid stub data on TCP port 6503 to the RPC routines with opcode (4) 0x2b or (5) 0x2d in ASCORE.dll in the Message Engine RPC Server (msgeng.exe); (6) a long hostname on TCP port 41523 to ASBRDCST.DLL in the Discovery Service (casdscsvc.exe); or unspecified vectors related to the (7) Job Engine Service. |
| Stack-based buffer overflow in the RPC interface in Mediasvr.exe in Computer Associates (CA) Brightstor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Protection Suites r2 allows remote attackers to execute arbitrary code via crafted SUNRPC packets, aka the "Mediasvr.exe Overflow," a different vulnerability than CVE-2006-5172. |
| Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a long filename in a .CAB file. |
| Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file. |
| Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier allows remote attackers to execute arbitrary code via certain RPC requests to TCP port 6502. |
| Multiple buffer overflows in (1) RPC and (2) rpcx.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors. |
| Computer Associates Host Intrusion Prevention System (HIPS) drivers (1) Core kmxstart.sys 6.5.4.31 and (2) Firewall kmxfw.sys 6.5.4.10 allow local users to gain privileges by using certain privileged IOCTLs to modify callback function pointers. |
| The RPC service in mediasvr.exe in CA BrightStor ARCserve Backup 11.5 SP2 build 4237 allows remote attackers to execute arbitrary code via crafted xdr_handle_t data in RPC packets, which is used in calculating an address for a function call, as demonstrated using the 191 (0xbf) RPC request. |
| Multiple stack-based buffer overflows in the SUN RPC service in CA (formerly Computer Associates) BrightStor ARCserve Media Server, as used in BrightStor ARCserve Backup 9.01 through 11.5 SP2, BrightStor Enterprise Backup 10.5, Server Protection Suite 2, and Business Protection Suite 2, allow remote attackers to execute arbitrary code via malformed RPC strings, a different vulnerability than CVE-2006-5171, CVE-2006-5172, and CVE-2007-1785. |
| Stack-based buffer overflow in the Message Queuing Server (Cam.exe) in CA (formerly Computer Associates) Message Queuing (CAM / CAFT) software before 1.11 Build 54_4 on Windows and NetWare, as used in CA Advantage Data Transport, eTrust Admin, certain BrightStor products, certain CleverPath products, and certain Unicenter products, allows remote attackers to execute arbitrary code via a crafted message to TCP port 3104. |
| Buffer overflow in the UniversalAgent for Computer Associates (CA) BrightStor ARCserve Backup allows remote authenticated users to cause a denial of service or execute arbitrary code via an agent request to TCP port 6050 with a large argument before the option field. |
| Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 stores the backup agent user name and password in cleartext in the aremote.dmp file in the ARCSERVE$ hidden share, which allows local and remote attackers to gain privileges. |
| Integer overflow in Computer Associates Vet Antivirus library, as used by CA InoculateIT 6.0, eTrust Antivirus r6.0 through 7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, BrightStor ARCserve Backup (BAB) r11.1, Vet Antivirus, Zonelabs ZoneAlarm Security Suite, and ZoneAlarm Antivirus, allows remote attackers to gain privileges via a compressed VBA directory with a project name length of -1, which leads to a heap-based buffer overflow. |
| Unknown "potential system security vulnerability" in Computer Associates (CA) Unicenter Remote Control 5.0 through 5.2, and ControlIT 5.0 and 5.1, may allow attackers to gain privileges to the local system account. |
| McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. |
| Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. |
| Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. |
| Computer Associates ARCserveIT 6.61 and 6.63 (also called ARCservIT) allows local users to overwrite arbitrary files via a symlink attack on the temporary files (1) asagent.tmp or (2) inetd.tmp. |
| RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. |
