CVE-2007-1447
https://notcve.org/view.php?id=CVE-2007-1447
The Tape Engine in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain RPC procedure arguments, which result in memory corruption, a different vulnerability than CVE-2006-6076. El motor de cinta en CA (formalmente Computer Associates) BrightStor ARCserve Backup 11.5 y anteriores permite a atacantes remotos provocar denegación de servicio y posiblemente ejecutar código de su elección a través de ciertos argumentos de procesos RPC, lo cual deriva en una corrupción memoria, una vulnerabilidad diferente que la CVE-2006-6076. • http://secunia.com/advisories/24512 http://supportconnectw.ca.com/public/storage/infodocs/babtapeng-securitynotice.asp http://www.kb.cert.org/vuls/id/375353 http://www.osvdb.org/32990 http://www.securityfocus.com/bid/22994 http://www.securitytracker.com/id?1017783 http://www.vupen.com/english/advisories/2007/0971 http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=101317 https://exchange.xforce.ibmcloud.com/vulnerabilities/33017 •
CVE-2007-0816 – CA BrightStor ARCserve 11.5.2.0 - 'catirpc.dll' RPC Server Denial of Service
https://notcve.org/view.php?id=CVE-2007-0816
The RPC Server service (catirpc.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 SP2 and earlier allows remote attackers to cause a denial of service (service crash) via a crafted TADDR2UADDR that triggers a null pointer dereference in catirpc.dll, possibly related to null credentials or verifier fields. El servicio RPC Server (catirpc.exe) en CA (anteriormente Computer Associates) BrightStor ARCserve Backup versión 11.5 SP2 y anteriores, permite a atacantes remotos causar una denegación de servicio (bloqueo del servicio) por medio de un TADDR2UADDR diseñado que desencadena una desreferencia del puntero null en biblioteca catirpc.dll, posiblemente relacionada con credenciales nulas o campos de comprobación. • https://www.exploit-db.com/exploits/3248 http://osvdb.org/32989 http://secunia.com/advisories/24009 http://secunia.com/advisories/24512 http://supportconnectw.ca.com/public/storage/infodocs/babtapeng-securitynotice.asp http://www.securityfocus.com/bid/22365 http://www.vupen.com/english/advisories/2007/0461 http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=101317 http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=35058 https://exchange.xforce.ibmcloud.com/vulnerabilities •
CVE-2006-5171
https://notcve.org/view.php?id=CVE-2006-5171
Stack-based buffer overflow in the RPC interface in Mediasvr.exe in Computer Associates (CA) Brightstor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Protection Suites r2 allows remote attackers to execute arbitrary code via crafted SUNRPC packets, aka the "Mediasvr.exe Overflow," a different vulnerability than CVE-2006-5172. Desbordamiento de búfer basado en pila en el interfaz RPC en Mediasvr.exe en Computer Associates (CA) Brightstor ARCserve Backup 9.01 hasta 11.5, Enterprise Backup 10.5, y CA Protection Suites r2 permite a atacantes remotos ejecutar código de su elección mediante paquetes SUNRPC manipulados, también conocido como el "Desbordamiento Mediasvr.exe" una vulnerabilidad distinta a CVE-2006-5172. • http://osvdb.org/31319 http://secunia.com/advisories/23648 http://securitytracker.com/id?1017506 http://supportconnectw.ca.com/public/storage/infodocs/babimpsec-notice.asp http://www.iss.net/threats/252.html http://www.securityfocus.com/archive/1/456711 http://www.securityfocus.com/bid/22015 http://www.vupen.com/english/advisories/2007/0154 https://exchange.xforce.ibmcloud.com/vulnerabilities/29343 •
CVE-2006-5172
https://notcve.org/view.php?id=CVE-2006-5172
Stack-based buffer overflow in the RPC interface in Mediasvr.exe in Computer Associates (CA) Brightstor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Protection Suites r2 allows remote attackers to execute arbitrary code via crafted SUNRPC packets, aka the "Mediasvr.exe String Handling Overflow," a different vulnerability than CVE-2006-5171. Desbordamiento de búfer basado en pila en el interfaz RPC de Mediasvr.exe en Computer Associates (CA) Brightstor ARCserve Backup 9.01 hasta 11.5, Enterprise Backup 10.5, y CA Protection Suites r2 permite a atacantes remotos ejecutar código de su elección mediante paquetes SUNRPC artesanales, también conocido como "Mediasvr.exe String Handling Overflow", una vulnerabilidad diferente que CVE-2006-5171. • http://osvdb.org/31320 http://secunia.com/advisories/23648 http://securitytracker.com/id?1017506 http://supportconnectw.ca.com/public/storage/infodocs/babimpsec-notice.asp http://www.iss.net/threats/253.html http://www.securityfocus.com/archive/1/456711 http://www.securityfocus.com/bid/22016 http://www.vupen.com/english/advisories/2007/0154 https://exchange.xforce.ibmcloud.com/vulnerabilities/29344 •
CVE-2007-0168 – CA BrightStor ARCserve Backup Tape Engine Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2007-0168
The Tape Engine service in Computer Associates (CA) BrightStor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Server/Business Protection Suite r2 allows remote attackers to execute arbitrary code via certain data in opnum 0xBF in an RPC request, which is directly executed. El servicio Tape Engine en Computer Associates (CA) BrightStor ARCserve Backup 9.01 hasta 11.5, Enterprise Backup 10.5, y CA Server/Business Protection Suite r2 permite a atacantes remotos ejecutar código de su elección mediante ciertos datos en opnum 0xBF en una petición RPC que es directamente ejecutada. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Computer Associates BrightStor ARCserve Backup. User interaction is not required to exploit this vulnerability. The specific flaw exists in the handling of RPC requests to the Tape Engine service which listens by default on TCP port 6502 with the following UUID: 62b93df0-8b02-11ce-876c-00805f842837 The handler function for RPC opnum 0xBF directly calls user-supplied data in the RPC request, resulting in trivial arbitrary code execution. • https://www.exploit-db.com/exploits/29444 http://livesploit.com/advisories/LS-20061002.pdf http://osvdb.org/31327 http://secunia.com/advisories/23648 http://securitytracker.com/id?1017506 http://supportconnectw.ca.com/public/storage/infodocs/babimpsec-notice.asp http://www.kb.cert.org/vuls/id/662400 http://www.lssec.com/advisories/LS-20061002.pdf http://www.securityfocus.com/archive/1/456616/100/0/threaded http://www.securityfocus.com/archive/1/456637 http://www.secur •