Vulnerabilities > CVE-2005-1018 - Remote Buffer Overflow vulnerability in CA Brightstor Arcserve Backup 11.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Buffer overflow in the UniversalAgent for Computer Associates (CA) BrightStor ARCserve Backup allows remote authenticated users to cause a denial of service or execute arbitrary code via an agent request to TCP port 6050 with a large argument before the option field.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | CA BrightStor Universal Agent Overflow. CVE-2005-1018. Remote exploit for windows platform |
id | EDB-ID:16405 |
last seen | 2016-02-01 |
modified | 2010-06-22 |
published | 2010-06-22 |
reporter | metasploit |
source | https://www.exploit-db.com/download/16405/ |
title | CA BrightStor Universal Agent Overflow |
Metasploit
description | This module exploits a convoluted heap overflow in the CA BrightStor Universal Agent service. Triple userland exception results in heap growth and execution of dereferenced function pointer at a specified address. |
id | MSF:EXPLOIT/WINDOWS/BRIGHTSTOR/UNIVERSAL_AGENT |
last seen | 2020-01-14 |
modified | 2017-07-24 |
published | 2005-12-05 |
references | |
reporter | Rapid7 |
source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/brightstor/universal_agent.rb |
title | CA BrightStor Universal Agent Overflow |
Nessus
NASL family | Windows |
NASL id | ARCSERVE_UNIVERSALAGENT_OVERFLOW.NASL |
description | This host is running BrightStor ARCServe UniversalAgent. The remote version of this software is affected by a buffer overflow vulnerability. An attacker, by sending a specially crafted packet, may be able to execute code on the remote host. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 18041 |
published | 2005-04-13 |
reporter | This script is Copyright (C) 2005-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/18041 |
title | CA BrightStor ARCserve Backup Universal Agent Remote Overflow (QO66526) |
Packetstorm
data source | https://packetstormsecurity.com/files/download/83156/universal_agent.rb.txt |
id | PACKETSTORM:83156 |
last seen | 2016-12-05 |
published | 2009-11-26 |
reporter | H D Moore |
source | https://packetstormsecurity.com/files/83156/CA-BrightStor-Universal-Agent-Overflow.html |
title | CA BrightStor Universal Agent Overflow |
Saint
bid | 13102 |
description | BrightStor ARCserve Universal Agent buffer overflow |
osvdb | 15471 |
title | brightstor_arcserve_universal_agent |
type | remote |