Vulnerabilities > CVE-2006-6379 - Unspecified vulnerability in Broadcom products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Buffer overflow in the BrightStor Backup Discovery Service in multiple CA products, including ARCserve Backup r11.5 SP1 and earlier, ARCserve Backup 9.01 up to 11.1, Enterprise Backup 10.5, and CA Server Protection Suite r2, allows remote attackers to execute arbitrary code via unspecified vectors.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 7 |
Exploit-Db
description | CA BrightStor ARCserve Backup Auto Scanner / Exploiter. CVE-2006-6379. Remote exploit for windows platform |
id | EDB-ID:1132 |
last seen | 2016-01-31 |
modified | 2005-08-03 |
published | 2005-08-03 |
reporter | cybertronic |
source | https://www.exploit-db.com/download/1132/ |
title | CA BrightStor ARCserve Backup Auto Scanner / Exploiter |
Nessus
NASL family | Windows |
NASL id | ARCSERVE_DISCOVERY_SERVICE_OVERFLOW.NASL |
description | According to its version, the installation of BrightStor ARCserve Backup on the remote host allows an attacker to execute arbitrary code on the affected host with SYSTEM privileges due to a buffer overflow that can be triggered by a specially crafted packet sent to the Discovery Service. Note that the vendor reports only Windows installs are vulnerable. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 23841 |
published | 2006-12-12 |
reporter | This script is Copyright (C) 2006-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/23841 |
title | CA BrightStor ARCserve Backup Discovery Service Overflow |
Saint
bid | 21502 |
description | BrightStor ARCserve Discovery service 9b command buffer overflow |
id | misc_arcservedisc |
osvdb | 30775 |
title | brightstor_arcserve_disc_9b |
type | remote |
References
- http://securityreason.com/securityalert/2010
- http://securitytracker.com/id?1017356
- http://supportconnectw.ca.com/public/storage/infodocs/babsecurity-notice.asp
- http://www.osvdb.org/30775
- http://www.securityfocus.com/archive/1/453916/100/0/threaded
- http://www.securityfocus.com/bid/21502
- http://www.vupen.com/english/advisories/2006/4910
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30791