Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Brightstor_arcserve_backup
(Broadcom)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 41 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2005-08-10 | CVE-2005-2535 | Buffer overflow in the Discovery Service in BrightStor ARCserve Backup 9.0 through 11.1 allows remote attackers to execute arbitrary commands via a large packet to TCP port 41523, a different vulnerability than CVE-2005-0260. | Arcserve_backup_2000, Brightstor_arcserve_backup, Brightstor_arcserve_backup_hp, Brightstor_enterprise_backup | N/A | ||
| 2007-06-06 | CVE-2007-2864 | Stack-based buffer overflow in the Anti-Virus engine before content update 30.6 in multiple CA (formerly Computer Associates) products allows remote attackers to execute arbitrary code via a large invalid value of the coffFiles field in a .CAB file. | Anti\-Virus_for_the_enterprise, Brightstor_arcserve_backup, Common_services, Etrust_antivirus, Etrust_antivirus_gateway, Etrust_antivirus_sdk, Etrust_ez_antivirus, Etrust_ez_armor, Integrated_threat_management, Internet_security_suite, Unicenter_network_and_systems_management, Etrust_secure_content_manager, Protection_suites | N/A | ||
| 2007-07-26 | CVE-2007-3875 | arclib.dll before 7.3.0.9 in CA Anti-Virus (formerly eTrust Antivirus) 8 and certain other CA products allows remote attackers to cause a denial of service (infinite loop and loss of antivirus functionality) via an invalid "previous listing chunk number" field in a CHM file. | Anti\-Spyware, Anti\-Virus_for_the_enterprise, Anti_virus_sdk, Antispyware_for_the_enterprise, Antivirus_sdk, Brightstor_arcserve_backup, Brightstor_arcserve_client, Brightstor_enterprise_backup, Brigthstor_arcserve_client_for_windows, Common_services, Etrust_antivirus, Etrust_antivirus_gateway, Etrust_ez_antivirus, Etrust_ez_armor, Etrust_internet_security_suite, Etrust_intrusion_detection, Internet_security_suite, Secure_content_manager, Threat_manager, Unicenter_network_and_systems_management, Brightstor_arcserve_backup, Etrust_intrusion_detection, Protection_suites | N/A | ||
| 2005-12-31 | CVE-2005-3653 | Heap-based buffer overflow in the iGateway service for various Computer Associates (CA) iTechnology products, in iTechnology iGateway before 4.0.051230, allows remote attackers to execute arbitrary code via an HTTP request with a negative Content-Length field. | Brightstor_arcserve_backup, Brightstor_arcserve_backup_laptops_desktops, Brightstor_portal, Brightstor_process_automation_manager, Brightstor_san_manager, Brightstor_storage_resource_manager, Etrust_admin, Etrust_audit_aries, Etrust_audit_irecorder, Etrust_identity_minder, Etrust_integrated_threat_management, Itechnology_igateway, Unicenter_asset_portfolio_management, Unicenter_autosys_jm, Unicenter_service_delivery, Unicenter_service_desk, Unicenter_service_desk_knowledge_tools, Unicenter_service_fulfillment, Unicenter_service_metric_analysis, Brightstor_arcserve_backup, Brightstor_enterprise_backup, Etrust_audit_aries, Etrust_directory, Etrust_secure_content_manager, Unicenter_application_performance_monitor, Unicenter_application_server_managment, Unicenter_ca_web_services_distributed_management, Unicenter_exchange_management_console, Unicenter_management, Unicenter_service_catalog_fulfillment_accounting, Unicenter_service_fulfillment, Unicenter_service_level_management, Unicenter_web_server_management, Unicenter_web_services_distributed_management | N/A | ||
| 2007-04-25 | CVE-2007-2139 | Multiple stack-based buffer overflows in the SUN RPC service in CA (formerly Computer Associates) BrightStor ARCserve Media Server, as used in BrightStor ARCserve Backup 9.01 through 11.5 SP2, BrightStor Enterprise Backup 10.5, Server Protection Suite 2, and Business Protection Suite 2, allow remote attackers to execute arbitrary code via malformed RPC strings, a different vulnerability than CVE-2006-5171, CVE-2006-5172, and CVE-2007-1785. | Brightstor_arcserve_backup, Business_protection_suite, Server_protection_suite, Brightstor_arcserve_backup, Business_protection_suite | N/A | ||
| 2008-05-21 | CVE-2008-2241 | Directory traversal vulnerability in caloggerd in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allows remote attackers to append arbitrary data to arbitrary files via directory traversal sequences in unspecified input fields, which are used in log messages. NOTE: this can be leveraged for code execution in many installation environments by writing to a startup file or configuration file. | Brightstor_arcserve_backup, Server_protection_suite, Brightstor_arcserve_backup, Business_protection_suite | N/A | ||
| 2007-10-13 | CVE-2007-5331 | Queue.dll for the message queuing service (LQserver.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a malformed ONRPC protocol request for operation 0x76, which causes ARCserve Backup to dereference arbitrary pointers. | Brightstor_arcserve_backup, Brightstor_enterprise_backup, Business_protection_suite, Server_protection_suite, Brightstor_arcserve_backup, Business_protection_suite | N/A | ||
| 2007-10-13 | CVE-2007-5329 | Unspecified vulnerability in dbasvr in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, has unknown impact and attack vectors related to memory corruption. | Brightstor_arcserve_backup, Brightstor_enterprise_backup, Business_protection_suite, Server_protection_suite, Brightstor_arcserve_backup, Business_protection_suite | N/A | ||
| 2007-10-13 | CVE-2007-5326 | Multiple buffer overflows in (1) RPC and (2) rpcx.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors. | Brightstor_arcserve_backup, Brightstor_enterprise_backup, Business_protection_suite, Server_protection_suite, Brightstor_arcserve_backup, Business_protection_suite | N/A | ||
| 2005-01-10 | CVE-2004-1096 | Archive::Zip Perl module before 1.14, when used by antivirus programs such as amavisd-new, allows remote attackers to bypass antivirus protection via a compressed file with both local and global headers set to zero, which does not prevent the compressed file from being opened on a target system. | Brightstor_arcserve_backup, Etrust_antivirus, Etrust_antivirus_gateway, Etrust_ez_antivirus, Etrust_ez_armor, Etrust_intrusion_detection, Etrust_secure_content_manager, Inoculateit, Etrust_antivirus, Etrust_secure_content_manager, Nod32_antivirus, Linux, Kaspersky_anti\-Virus, Mandrake_linux, Antivirus_engine, Rav_antivirus_desktop, Rav_antivirus_for_file_servers, Rav_antivirus_for_mail_servers, Sophos_anti\-Virus, Sophos_puremessage_anti\-Virus, Sophos_small_business_suite, Suse_linux | N/A |