Vulnerabilities > CVE-2005-0260 - Unspecified vulnerability in Broadcom Brightstor Arcserve Backup 11.1

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
broadcom
critical
exploit available
metasploit
NVD
Published: 2005-05-02
Updated: 2021-04-07

Summary

Stack-based buffer overflow in the Discovery Service for BrightStor ARCserve Backup 11.1 and earlier allows remote attackers to execute arbitrary code via a long packet to UDP port 41524, which is not properly handled in a recvfrom call.

Vulnerable Configurations

Part Description Count
Application
Broadcom
1

Exploit-Db

descriptionCA BrightStor Discovery Service Stack Buffer Overflow. CVE-2005-0260. Remote exploit for windows platform
idEDB-ID:16406
last seen2016-02-01
modified2010-05-09
published2010-05-09
reportermetasploit
sourcehttps://www.exploit-db.com/download/16406/
titleCA BrightStor Discovery Service Stack Buffer Overflow

Metasploit

descriptionThis module exploits a vulnerability in the CA BrightStor Discovery Service. This vulnerability occurs when a large request is sent to UDP port 41524, triggering a stack buffer overflow.
idMSF:EXPLOIT/WINDOWS/BRIGHTSTOR/DISCOVERY_UDP
last seen2020-02-27
modified2017-11-08
published2005-12-05
references
reporterRapid7
sourcehttps://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/brightstor/discovery_udp.rb
titleCA BrightStor Discovery Service Stack Buffer Overflow

Packetstorm

References