Vulnerabilities > CVE-2005-2535 - Unspecified vulnerability in Broadcom products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Buffer overflow in the Discovery Service in BrightStor ARCserve Backup 9.0 through 11.1 allows remote attackers to execute arbitrary commands via a large packet to TCP port 41523, a different vulnerability than CVE-2005-0260.
Vulnerable Configurations
Exploit-Db
description CA BrightStor Discovery Service TCP Overflow. CVE-2005-2535. Remote exploit for windows platform id EDB-ID:16408 last seen 2016-02-01 modified 2010-04-30 published 2010-04-30 reporter metasploit source https://www.exploit-db.com/download/16408/ title CA BrightStor Discovery Service TCP Overflow description CA BrightStor ARCserve Backup Remote Buffer Overlow PoC. CVE-2005-2535. Dos exploit for linux platform id EDB-ID:815 last seen 2016-01-31 modified 2005-02-12 published 2005-02-12 reporter cybertronic source https://www.exploit-db.com/download/815/ title CA BrightStor ARCserve Backup Remote Buffer Overlow PoC
Metasploit
| description | This module exploits a vulnerability in the CA BrightStor Discovery Service. This vulnerability occurs when a specific type of request is sent to the TCP listener on port 41523. This vulnerability was discovered by cybertronic[at]gmx.net and affects all known versions of the BrightStor product. This module is based on the 'cabrightstor_disco' exploit by HD Moore. |
| id | MSF:EXPLOIT/WINDOWS/BRIGHTSTOR/DISCOVERY_TCP |
| last seen | 2020-06-01 |
| modified | 2017-11-08 |
| published | 2005-12-05 |
| references | |
| reporter | Rapid7 |
| source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/brightstor/discovery_tcp.rb |
| title | CA BrightStor Discovery Service TCP Overflow |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/83210/discovery_tcp.rb.txt |
| id | PACKETSTORM:83210 |
| last seen | 2016-12-05 |
| published | 2009-11-26 |
| reporter | H D Moore |
| source | https://packetstormsecurity.com/files/83210/CA-BrightStor-Discovery-Service-TCP-Overflow.html |
| title | CA BrightStor Discovery Service TCP Overflow |
Saint
| bid | 12536 |
| description | BrightStor ARCserve Backup discovery service buffer overflow |
| osvdb | 13814 |
| title | brightstor_arcserve_discovery |
| type | remote |
References
- http://archives.neohapsis.com/archives/bugtraq/2005-02/0123.html
- http://archives.neohapsis.com/archives/bugtraq/2005-02/0141.html
- http://archives.neohapsis.com/archives/bugtraq/2005-02/0201.html
- http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?ID=32478
- http://www.kb.cert.org/vuls/id/966880
- http://www.securityfocus.com/bid/12536
- http://www.osvdb.org/13814
- http://secunia.com/advisories/14293
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19320