Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-6379

4 documents4 sources

Severity

7.5HIGH

EPSS

29.1%

top 3.42%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Broadcom Brightstor Arcserve Backup Broadcom Brightstor Enterprise Backup Broadcom Server Protection Suite

Timeline

PublishedDec 10

Latest updateMay 1

Description

Buffer overflow in the BrightStor Backup Discovery Service in multiple CA products, including ARCserve Backup r11.5 SP1 and earlier, ARCserve Backup 9.01 up to 11.1, Enterprise Backup 10.5, and CA Server Protection Suite r2, allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages3 packages

▶NVDbroadcom/brightstor_arcserve_backup4 versions+3

▶NVDbroadcom/brightstor_enterprise_backup10.5

▶NVDbroadcom/server_protection_suite2

🔴Vulnerability Details

GHSA

GHSA-6f8p-84wj-4x4x: Buffer overflow in the BrightStor Backup Discovery Service in multiple CA products, including ARCserve Backup r11↗2022-05-01

▶

CVEList

CVE-2006-6379: Buffer overflow in the BrightStor Backup Discovery Service in multiple CA products, including ARCserve Backup r11↗2006-12-10

▶

💥Exploits & PoCs

Exploit-DB

CA BrightStor ARCserve Backup - Remote Overflow↗2005-08-03

▶