Vulnerabilities > Broadcom > Desktop Management Suite > Critical

DATE CVE VULNERABILITY TITLE RISK
2008-08-01 CVE-2008-3175 Numeric Errors vulnerability in multiple products
Integer underflow in rxRPC.dll in the LGServer service in the server in CA ARCserve Backup for Laptops and Desktops 11.0 through 11.5 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted message that triggers a buffer overflow.
network
low complexity
broadcom ca CWE-189
critical
10.0
2008-04-07 CVE-2008-1328 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Buffer overflow in the LGServer service in CA ARCserve Backup for Laptops and Desktops r11.0 through r11.5, and Suite 11.1 and 11.2, allows remote attackers to execute arbitrary code via unspecified "command arguments."
9.3
2008-04-07 CVE-2008-1329 Unspecified vulnerability in the NetBackup service in CA ARCserve Backup for Laptops and Desktops r11.0 through r11.5, and Suite 11.1 and 11.2, allows remote attackers to execute arbitrary commands, related to "insufficient verification of file uploads."
network
low complexity
broadcom computer-associates
critical
10.0
2007-10-01 CVE-2007-5003 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Multiple stack-based buffer overflows in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allow remote attackers to execute arbitrary code via a long (1) username or (2) password to the rxrLogin command in rxRPC.dll, or a long (3) username argument to the GetUserInfo function.
network
low complexity
broadcom ca CWE-119
critical
10.0
2007-10-01 CVE-2007-5004 Numeric Errors vulnerability in multiple products
Integer overflow in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows remote attackers to execute arbitrary code via a long username and a certain "useless" password.
network
broadcom ca CWE-189
critical
9.3
2007-10-01 CVE-2007-5005 Path Traversal vulnerability in multiple products
Directory traversal vulnerability in rxRPC.dll in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows remote attackers to upload and overwrite arbitrary files via a ..\ (dot dot backslash) sequence in the destination filename argument to sub-function 8 in the rxrReceiveFileFromServer command.
network
low complexity
broadcom ca CWE-22
critical
10.0
2007-10-01 CVE-2007-5006 Improper Authentication vulnerability in multiple products
Multiple command handlers in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 do not verify if a peer is authenticated, which allows remote attackers to add and delete users, and start client restores.
network
low complexity
broadcom ca CWE-287
critical
10.0
2007-01-23 CVE-2007-0449 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Broadcom products
Multiple buffer overflows in LGSERVER.EXE in CA BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.1 SP1, Mobile Backup r4.0, Desktop and Business Protection Suite r2, and Desktop Management Suite (DMS) r11.0 and r11.1 allow remote attackers to execute arbitrary code via crafted packets to TCP port (1) 1900 or (2) 2200.
network
low complexity
broadcom CWE-119
critical
10.0