Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2005-1018

4 documents4 sources

Severity

7.5HIGH

EPSS

71.7%

top 1.26%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

CA Brightstor Arcserve Backup

Timeline

PublishedMay 2

Latest updateMay 1

Description

Buffer overflow in the UniversalAgent for Computer Associates (CA) BrightStor ARCserve Backup allows remote authenticated users to cause a denial of service or execute arbitrary code via an agent request to TCP port 6050 with a large argument before the option field.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDca/brightstor_arcserve_backup11.1

🔴Vulnerability Details

GHSA

GHSA-p934-6qf9-9r4x: Buffer overflow in the UniversalAgent for Computer Associates (CA) BrightStor ARCserve Backup allows remote authenticated users to cause a denial of s↗2022-05-01

▶

CVEList

CVE-2005-1018: Buffer overflow in the UniversalAgent for Computer Associates (CA) BrightStor ARCserve Backup allows remote authenticated users to cause a denial of s↗2005-04-12

▶

💥Exploits & PoCs

Exploit-DB

CA BrightStor Universal Agent - Remote Overflow (Metasploit)↗2010-06-22

▶