CVE-2008-2241
published 2008-05-21CVE-2008-2241: Directory traversal vulnerability in caloggerd in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allows remote attackers to append arbitrary data to…
PriorityP351critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
11.94%
95.6th percentile
Directory traversal vulnerability in caloggerd in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allows remote attackers to append arbitrary data to arbitrary files via directory traversal sequences in unspecified input fields, which are used in log messages. NOTE: this can be leveraged for code execution in many installation environments by writing to a startup file or configuration file.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| broadcom | brightstor_arcserve_backup | — | — |
| broadcom | brightstor_arcserve_backup | — | — |
| broadcom | server_protection_suite | — | — |
| ca | brightstor_arcserve_backup | — | — |
| ca | brightstor_arcserve_backup | — | — |
| ca | business_protection_suite | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://secunia.com/advisories/30300http://www.securityfocus.com/archive/1/492266/100/0/threadedhttp://www.securityfocus.com/archive/1/492274/100/0/threadedhttp://www.securityfocus.com/bid/29283http://www.securitytracker.com/id?1020043http://www.vupen.com/english/advisories/2008/1573/referenceshttp://www.zerodayinitiative.com/advisories/ZDI-08-027/https://exchange.xforce.ibmcloud.com/vulnerabilities/42524https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798http://secunia.com/advisories/30300http://www.securityfocus.com/archive/1/492266/100/0/threadedhttp://www.securityfocus.com/archive/1/492274/100/0/threadedhttp://www.securityfocus.com/bid/29283http://www.securitytracker.com/id?1020043http://www.vupen.com/english/advisories/2008/1573/referenceshttp://www.zerodayinitiative.com/advisories/ZDI-08-027/https://exchange.xforce.ibmcloud.com/vulnerabilities/42524https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798
2008-05-21
Published