Vulnerabilities > CVE-2008-1979 - Numeric Errors vulnerability in Broadcom Brightstor Arcserve Backup

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

broadcom

CWE-189

exploit available

NVD

Published: 2008-04-27

Updated: 2021-04-07

Summary

The Discovery Service (casdscvc) in CA ARCserve Backup 12.0.5454.0 and earlier allows remote attackers to cause a denial of service (crash) via a packet with a large integer value used in an increment to TCP port 41523, which triggers a buffer over-read.

Vulnerable Configurations

Part	Description	Count
Application	Broadcom Broadcom Brightstor Arcserve Backup - Broadcom Brightstor Arcserve Backup 9.01 Broadcom Brightstor Arcserve Backup 10.5 Broadcom Brightstor Arcserve Backup 11 Broadcom Brightstor Arcserve Backup 11.1 Broadcom Brightstor Arcserve Backup 11.5	14

Common Weakness Enumeration (CWE)

CWE-189 - Numeric Errors

Exploit-Db

description	Computer Associates ARCserve Backup Discovery Service Remote Denial Of Service Vulnerability. CVE-2008-1979. Dos exploit for windows platform
id	EDB-ID:31707
last seen	2016-02-03
modified	2008-04-24
published	2008-04-24
reporter	Luigi Auriemma
source	https://www.exploit-db.com/download/31707/
title	Computer Associates ARCserve Backup Discovery Service Remote - Denial Of Service Vulnerability

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Exploit-Db

References