Ca Arcserve Backup vulnerabilities
11 known vulnerabilities affecting ca/arcserve_backup.
Total CVEs
11
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
CRITICAL4HIGH1MEDIUM5LOW1
Vulnerabilities
Page 1 of 1
CVE-2009-3587CRITICALCVSS 9.3vr11.5vr11.12009-10-13
CVE-2009-3587 [CRITICAL] CVE-2009-3587: Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the
Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service and possibly e
nvd
CVE-2009-3588MEDIUMCVSS 4.3vr11.5vr11.12009-10-13
CVE-2009-3588 [MEDIUM] CVE-2009-3588: Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the
Unspecified vulnerability in the arclib component in the Anti-Virus engine in CA Anti-Virus for the Enterprise (formerly eTrust Antivirus) 7.1 through r8.1; Anti-Virus 2007 (v8) through 2009; eTrust EZ Antivirus r7.1; Internet Security Suite 2007 (v3) through Plus 2009; and other CA products allows remote attackers to cause a denial of service via a crafted RA
nvd
CVE-2009-1761MEDIUMCVSS 5.0vr12.02009-06-16
CVE-2009-1761 [MEDIUM] CWE-20 CVE-2009-1761: The message engine in CA ARCserve Backup r12.0 and r12.0 SP1 for Windows allows remote attackers to
The message engine in CA ARCserve Backup r12.0 and r12.0 SP1 for Windows allows remote attackers to cause a denial of service (crash) via (1) an invalid 0x13 message, which is not properly handled in the ASCORE module, or (2) a 0x3B message with invalid stub data that triggers an RPC marshalling error.
nvd
CVE-2009-0042CRITICALCVSS 10.0vr11.1vr11.5_nil_+1 more2009-01-28
CVE-2009-0042 [CRITICAL] CVE-2009-0042: Multiple unspecified vulnerabilities in the Arclib library (arclib.dll) before 7.3.0.15 in the CA An
Multiple unspecified vulnerabilities in the Arclib library (arclib.dll) before 7.3.0.15 in the CA Anti-Virus engine for CA Anti-Virus for the Enterprise 7.1, r8, and r8.1; Anti-Virus 2007 v8 and 2008; Internet Security Suite 2007 v3 and 2008; and other CA products allow remote attackers to bypass virus detection via a malformed archive file.
nvd
CVE-2008-5415CRITICALCVSS 10.0vr11.1vr11.52008-12-11
CVE-2008-5415 [CRITICAL] CVE-2008-5415: The LDBserver service in the server in CA ARCserve Backup 11.1 through 12.0 on Windows allows remote
The LDBserver service in the server in CA ARCserve Backup 11.1 through 12.0 on Windows allows remote attackers to execute arbitrary code via a handle_t argument to an RPC endpoint in which the argument refers to an incompatible procedure.
nvd
CVE-2008-4397CRITICALCVSS 10.0PoCvr11.1vr11.52008-10-14
CVE-2008-4397 [CRITICAL] CWE-20 CVE-2008-4397: Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly
Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a .. (dot dot) in an RPC call with opnum 0x10A.
nvd
CVE-2008-4398MEDIUMCVSS 5.0vr11.1vr11.52008-10-14
CVE-2008-4398 [MEDIUM] CWE-20 CVE-2008-4398: Unspecified vulnerability in the tape engine service in asdbapi.dll in CA ARCserve Backup (formerly
Unspecified vulnerability in the tape engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request.
nvd
CVE-2008-4399MEDIUMCVSS 5.0vr11.1vr11.52008-10-14
CVE-2008-4399 [MEDIUM] CWE-20 CVE-2008-4399: Unspecified vulnerability in the database engine service in asdbapi.dll in CA ARCserve Backup (forme
Unspecified vulnerability in the database engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request, related to "insufficient validation."
nvd
CVE-2008-4400MEDIUMCVSS 5.0vr11.1vr11.52008-10-14
CVE-2008-4400 [MEDIUM] CWE-20 CVE-2008-4400: Unspecified vulnerability in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup)
Unspecified vulnerability in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash of multiple services) via crafted authentication credentials, related to "insufficient validation."
nvd
CVE-2001-1346LOWCVSS 1.2PoCv6.632001-05-18
CVE-2001-1346 [LOW] CVE-2001-1346: Computer Associates ARCserveIT 6.61 and 6.63 (also called ARCservIT) allows local users to overwrite
Computer Associates ARCserveIT 6.61 and 6.63 (also called ARCservIT) allows local users to overwrite arbitrary files via a symlink attack on the temporary files (1) asagent.tmp or (2) inetd.tmp.
nvd
CVE-2000-0781HIGHCVSS 7.2v6.63_linux2000-10-20
CVE-2000-0781 [HIGH] CVE-2000-0781: uagentsetup in ARCServeIT Client Agent 6.62 does not properly check for the existence or ownership o
uagentsetup in ARCServeIT Client Agent 6.62 does not properly check for the existence or ownership of a temporary file which is moved to the agent.cfg configuration file, which allows local users to execute arbitrary commands by modifying the temporary file before it is moved.
nvd