CVE-2008-5415
Severity Score
10.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The LDBserver service in the server in CA ARCserve Backup 11.1 through 12.0 on Windows allows remote attackers to execute arbitrary code via a handle_t argument to an RPC endpoint in which the argument refers to an incompatible procedure.
El servicio LDBserver en el servidor en CA ARCserve Backup versiones 11.1 hasta 12.0 en Windows, permite a atacantes remotos ejecutar código arbitrario por medio de un argumento handle_t hacia un endpoint RPC en el que el argumento hace referencia a un procedimiento incompatible.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2008-12-09 CVE Reserved
- 2008-12-10 CVE Published
- 2023-06-11 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (10)
| URL | Tag | Source |
|---|---|---|
| http://community.ca.com/blogs/casecurityresponseblog/archive/2008/12/10.aspx | X_refsource_confirm | |
| http://osvdb.org/50683 | Vdb Entry | |
| http://securityreason.com/securityalert/4708 | Third Party Advisory | |
| http://www.securityfocus.com/archive/1/499104/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/archive/1/499128/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/bid/32764 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=194293 | 2021-04-07 |
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/27299 | 2021-04-07 | |
| http://secunia.com/secunia_research/2007-82 | 2021-04-07 | |
| http://www.vupen.com/english/advisories/2008/3404 | 2021-04-07 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Broadcom Search vendor "Broadcom" | Arcserve Backup Search vendor "Broadcom" for product "Arcserve Backup" | r12.0 Search vendor "Broadcom" for product "Arcserve Backup" and version "r12.0" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Ca Search vendor "Ca" | Arcserve Backup Search vendor "Ca" for product "Arcserve Backup" | r11.1 Search vendor "Ca" for product "Arcserve Backup" and version "r11.1" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|
| Ca Search vendor "Ca" | Arcserve Backup Search vendor "Ca" for product "Arcserve Backup" | r11.5 Search vendor "Ca" for product "Arcserve Backup" and version "r11.5" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | * | - |
Safe
|