CVE-2008-3175
https://notcve.org/view.php?id=CVE-2008-3175
Integer underflow in rxRPC.dll in the LGServer service in the server in CA ARCserve Backup for Laptops and Desktops 11.0 through 11.5 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted message that triggers a buffer overflow. Subdesbordamiento de enteros en la biblioteca rxRPC.dll en el servicio LGServer en el servidor en CA ARCserve Backup versiones 11.0 hasta 11.5 para ordenadores Portátiles y Escritorios, permite a los atacantes remotos ejecutar código arbitrario o causar una denegación de servicio por medio de un mensaje diseñado que desencadena un desbordamiento de búfer. • http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063594.html http://secunia.com/advisories/31319 http://www.securityfocus.com/archive/1/495020/100/0/threaded http://www.securityfocus.com/bid/30472 http://www.securitytracker.com/id?1020590 http://www.vupen.com/english/advisories/2008/2286 https://exchange.xforce.ibmcloud.com/vulnerabilities/44137 https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=181721 • CWE-189: Numeric Errors •
CVE-2008-1329
https://notcve.org/view.php?id=CVE-2008-1329
Unspecified vulnerability in the NetBackup service in CA ARCserve Backup for Laptops and Desktops r11.0 through r11.5, and Suite 11.1 and 11.2, allows remote attackers to execute arbitrary commands, related to "insufficient verification of file uploads." Vulnerabilidad no especificada del servicio NetBackup de CA ARCserve Backup for Laptops and Desktops versiones de la r11.0 a la r11.5 y Suite 11.1 and 11.2, permite a atacantes remotos ejecutar comandos de su elección, relacionado con “subidas de archivos sin suficiente verificacion” • http://securityreason.com/securityalert/3800 http://www.securityfocus.com/archive/1/490463/100/0/threaded http://www.securityfocus.com/bid/28616 http://www.securitytracker.com/id?1019788 http://www.vupen.com/english/advisories/2008/1104/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41642 https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=173105 •
CVE-2008-1328
https://notcve.org/view.php?id=CVE-2008-1328
Buffer overflow in the LGServer service in CA ARCserve Backup for Laptops and Desktops r11.0 through r11.5, and Suite 11.1 and 11.2, allows remote attackers to execute arbitrary code via unspecified "command arguments." Desbordamiento de Búfer del Servicio LGServer de CA ARCserve Backup for Laptops and Desktops versiones de la r11.0 a la r11.5 y Suite 11.1 and 11.2, permite a atacantes remotos ejecutar código de su elección a través de argumentos de comando no especificados. • http://securityreason.com/securityalert/3800 http://www.securityfocus.com/archive/1/490463/100/0/threaded http://www.securityfocus.com/bid/28616 http://www.securitytracker.com/id?1019788 http://www.vupen.com/english/advisories/2008/1104/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41641 https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=173105 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2007-5003 – CA BrightStor ARCserve for Laptops & Desktops LGServer - Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-5003
Multiple stack-based buffer overflows in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allow remote attackers to execute arbitrary code via a long (1) username or (2) password to the rxrLogin command in rxRPC.dll, or a long (3) username argument to the GetUserInfo function. Múltiples desbordamientos de búfer basado en pila en CA (Computer Associates) BrightStor ARCserve Backup para Portátil y Sobremesa r11.0 hasta r11.5 permiten a atacantes remotos ejecutar código de su elección mediante un (1) nombre de usuario ó (2) contraseña largos en el comando rxrLogin de rxRPC.dll, ó un (3) argumento nombre de usuario largo en la función GetUserInfo. • https://www.exploit-db.com/exploits/16411 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599 http://research.eeye.com/html/advisories/published/AD20070920.html http://secunia.com/advisories/25606 http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35674 http://www.securityfocus.com/archive/1/480252/100/100 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2007-5006
https://notcve.org/view.php?id=CVE-2007-5006
Multiple command handlers in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 do not verify if a peer is authenticated, which allows remote attackers to add and delete users, and start client restores. Múltiples gestores de comandos de CA (Computer Associates) BrightStor ARCserve Backup para Portátil y Sobremesa r11.0 hasta r11.5 no verifican si un par está autenticado, lo cual permite a atacantes remotos añadir y borrar usuarios, e inicializar recuperaciones de cliente. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=598 http://secunia.com/advisories/25606 http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35677 http://www.securityfocus.com/archive/1/480252/100/100/threaded http://www.securityfocus.com/bid/24348 http://www.securitytracker.com/id?1018728 • CWE-287: Improper Authentication •