cbcvebase.

Broadcom Brightstor Arcserve Backup vulnerabilities

41 known vulnerabilities affecting broadcom/brightstor_arcserve_backup.

Total CVEs
41
CISA KEV
0
Public exploits
21
Exploited in wild
0
Severity breakdown
CRITICAL21HIGH16MEDIUM3LOW1

Vulnerabilities

Page 1 of 3
CVE-2006-6076P2CRITICALCVSS 10.0PoC≤ 11.5v11.1+1 more2006-11-24
CVE-2006-6076 [CRITICAL] CVE-2006-6076: Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARC Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier allows remote attackers to execute arbitrary code via certain RPC requests to TCP port 6502.
nvd
CVE-2006-5143P2HIGHCVSS 7.5PoC≤ 11.5v9.01+1 more2006-10-10
CVE-2006-5143 [HIGH] CWE-119 CVE-2006-5143: Multiple buffer overflows in CA BrightStor ARCserve Backup r11.5 SP1 and earlier, r11.1, and 9.01; B Multiple buffer overflows in CA BrightStor ARCserve Backup r11.5 SP1 and earlier, r11.1, and 9.01; BrightStor ARCserve Backup for Windows r11; BrightStor Enterprise Backup 10.5; Server Protection Suite r2; and Business Protection Suite r2 allow remote attackers to execute arbitrary code via crafted data on TCP port 6071 to the Backup Agent RPC Server (D
nvd
CVE-2007-2139P2CRITICALCVSS 10.0PoCv9.01v11.1+1 more2007-04-25
CVE-2007-2139 [CRITICAL] CVE-2007-2139: Multiple stack-based buffer overflows in the SUN RPC service in CA (formerly Computer Associates) Br Multiple stack-based buffer overflows in the SUN RPC service in CA (formerly Computer Associates) BrightStor ARCserve Media Server, as used in BrightStor ARCserve Backup 9.01 through 11.5 SP2, BrightStor Enterprise Backup 10.5, Server Protection Suite 2, and Business Protection Suite 2, allow remote attackers to execute arbitrary code via malformed RPC stri
nvd
CVE-2007-0169P2HIGHCVSS 7.5PoC≤ 11.5v9.012007-01-11
CVE-2007-0169 [HIGH] CWE-119 CVE-2007-0169: Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup 9.01 through 11.5, Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Server/Business Protection Suite r2 allow remote attackers to execute arbitrary code via RPC requests with crafted data for opnums (1) 0x2F and (2) 0x75 in the (a) Message Engine RPC service, or opnum (3) 0xCF in the Tape Eng
nvd
CVE-2005-0260P2CRITICALCVSS 10.0PoCv11.12005-05-02
CVE-2005-0260 [CRITICAL] CVE-2005-0260: Stack-based buffer overflow in the Discovery Service for BrightStor ARCserve Backup 11.1 and earlier Stack-based buffer overflow in the Discovery Service for BrightStor ARCserve Backup 11.1 and earlier allows remote attackers to execute arbitrary code via a long packet to UDP port 41524, which is not properly handled in a recvfrom call.
nvd
CVE-2005-2535P2HIGHCVSS 7.5PoCv7.0v9.0+3 more2005-08-10
CVE-2005-2535 [HIGH] CVE-2005-2535: Buffer overflow in the Discovery Service in BrightStor ARCserve Backup 9.0 through 11.1 allows remot Buffer overflow in the Discovery Service in BrightStor ARCserve Backup 9.0 through 11.1 allows remote attackers to execute arbitrary commands via a large packet to TCP port 41523, a different vulnerability than CVE-2005-0260.
nvd
CVE-2007-4620P2CRITICALCVSS 9.0PoCv11.1v11.52008-04-07
CVE-2007-4620 [CRITICAL] CWE-119 CVE-2007-4620: Multiple stack-based buffer overflows in Computer Associates (CA) Alert Notification Service (Alert. Multiple stack-based buffer overflows in Computer Associates (CA) Alert Notification Service (Alert.exe) 8.1.586.0, 8.0.450.0, and 7.1.758.0, as used in multiple CA products including Anti-Virus for the Enterprise 7.1 through r11.1 and Threat Manager for the Enterprise 8.1 and r8, allow remote authenticated users to execute arbitrary code via crafte
nvd
CVE-2007-2864P2CRITICALCVSS 9.3PoCv9.01v10.5+3 more2007-06-06
CVE-2007-2864 [CRITICAL] CVE-2007-2864: Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (form Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file.
nvd
CVE-2007-0168P2HIGHCVSS 7.5PoC≤ 11.5v9.012007-01-11
CVE-2007-0168 [HIGH] CVE-2007-0168: The Tape Engine service in Computer Associates (CA) BrightStor ARCserve Backup 9.01 through 11.5, En The Tape Engine service in Computer Associates (CA) BrightStor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Server/Business Protection Suite r2 allows remote attackers to execute arbitrary code via certain data in opnum 0xBF in an RPC request, which is directly executed.
nvd
CVE-2006-6379P3HIGHCVSS 7.5PoCv9.01v11+2 more2006-12-10
CVE-2006-6379 [HIGH] CVE-2006-6379: Buffer overflow in the BrightStor Backup Discovery Service in multiple CA products, including ARCser Buffer overflow in the BrightStor Backup Discovery Service in multiple CA products, including ARCserve Backup r11.5 SP1 and earlier, ARCserve Backup 9.01 up to 11.1, Enterprise Backup 10.5, and CA Server Protection Suite r2, allows remote attackers to execute arbitrary code via unspecified vectors.
nvd
CVE-2004-0932P3HIGHCVSS 7.5PoCv11.12005-01-27
CVE-2004-0932 [HIGH] CVE-2004-0932: McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4 McAfee Anti-Virus Engine DATS drivers before 4398 released on Oct 13th 2004 and DATS Driver before 4397 October 6th 2004 allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
nvd
CVE-2007-1785P3HIGHCVSS 7.1PoCv9.01v11.1+1 more2007-03-31
CVE-2007-1785 [HIGH] CVE-2007-1785: The RPC service in mediasvr.exe in CA BrightStor ARCserve Backup 11.5 SP2 build 4237 allows remote a The RPC service in mediasvr.exe in CA BrightStor ARCserve Backup 11.5 SP2 build 4237 allows remote attackers to execute arbitrary code via crafted xdr_handle_t data in RPC packets, which is used in calculating an address for a function call, as demonstrated using the 191 (0xbf) RPC request.
nvd
CVE-2007-5332P3CRITICALCVSS 10.0PoCv9.01v10.5+3 more2007-10-13
CVE-2007-5332 [CRITICAL] CWE-399 CVE-2007-5332: Multiple unspecified vulnerabilities in (1) mediasvr and (2) caloggerd in CA BrightStor ARCServe Bac Multiple unspecified vulnerabilities in (1) mediasvr and (2) caloggerd in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, have unknown impact and attack vectors related to memory corruption.
nvd
CVE-2004-0933P3HIGHCVSS 7.5PoCv11.12005-01-27
CVE-2004-0933 [HIGH] CVE-2004-0933: Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for t Computer Associates (CA) InoculateIT 6.0, eTrust Antivirus r6.0 through r7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, EZ-Armor 2.0 through 2.4, and EZ-Antivirus 6.1 through 6.3 allow remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to z
nvd
CVE-2004-1096P3HIGHCVSS 7.5PoCv11.12005-01-10
CVE-2004-1096 [HIGH] CVE-2004-1096: Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows re Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
nvd
CVE-2004-0935P3HIGHCVSS 7.5PoCv11.12005-01-27
CVE-2004-0935 [HIGH] CVE-2004-0935: Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus prote Eset Anti-Virus before 1.020 (16th September 2004) allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
nvd
CVE-2004-0937P3HIGHCVSS 7.5PoCv11.12005-02-09
CVE-2004-0937 [HIGH] CVE-2004-0937: Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, all Sophos Anti-Virus before 3.87.0, and Sophos Anti-Virus for Windows 95, 98, and Me before 3.88.0, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
nvd
CVE-2004-0936P3HIGHCVSS 7.5PoCv11.12005-01-27
CVE-2004-0936 [HIGH] CVE-2004-0936: RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both RAV antivirus allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
nvd
CVE-2004-0934P3HIGHCVSS 7.5PoCv11.12005-01-27
CVE-2004-0934 [HIGH] CVE-2004-0934: Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file wi Kaspersky 3.x to 4.x allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system.
nvd
CVE-2007-5327P3CRITICALCVSS 10.0v9.01v10.5+3 more2007-10-13
CVE-2007-5327 [CRITICAL] CWE-119 CVE-2007-5327: Stack-based buffer overflow in the RPC interface for the Message Engine (mediasvr.exe) in CA BrightS Stack-based buffer overflow in the RPC interface for the Message Engine (mediasvr.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a long argument in the 0x10d opnum.
nvd
Broadcom Brightstor Arcserve Backup vulnerabilities | cvebase