ID CVE-2005-1272
Summary Stack-based buffer overflow in the Backup Agent for Microsoft SQL Server in BrightStor ARCserve Backup Agent for SQL Server 11.0 allows remote attackers to execute arbitrary code via a long string sent to port (1) 6070 or (2) 6050.
References
Vulnerable Configurations
  • cpe:2.3:a:ca:brightstor_arcserve_backup:9.0.1:*:windows:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:9.0.1:*:windows:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:9.0_1:*:oracle:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:9.0_1:*:oracle:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:11.0:*:oracle:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:11.0:*:oracle:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:11.0:*:windows:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:11.0:*:windows:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:oracle:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:oracle:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:windows:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:windows:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup_agent:9.0.1:*:exchange:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup_agent:9.0.1:*:exchange:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup_agent:9.0.1:*:sap:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup_agent:9.0.1:*:sap:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup_agent:9.0.1:*:sql:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup_agent:9.0.1:*:sql:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup_agent:11:*:exchange:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup_agent:11:*:exchange:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup_agent:11.0:*:sap:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup_agent:11.0:*:sap:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup_agent:11.0:*:sql:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup_agent:11.0:*:sql:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup_agent:11.1:*:exchange:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup_agent:11.1:*:exchange:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup_agent:11.1:*:sap:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup_agent:11.1:*:sap:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup_agent:11.1:*:sql:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup_agent:11.1:*:sql:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_enterprise_backup:10.0:*:*:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_enterprise_backup:10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_enterprise_backup_agent:10.0:*:oracle:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_enterprise_backup_agent:10.0:*:oracle:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_enterprise_backup_agent:10.0:*:sap:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_enterprise_backup_agent:10.0:*:sap:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_enterprise_backup_agent:10.0:*:sql:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_enterprise_backup_agent:10.0:*:sql:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_enterprise_backup_agent:10.5:*:oracle:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_enterprise_backup_agent:10.5:*:oracle:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_enterprise_backup_agent:10.5:*:sap:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_enterprise_backup_agent:10.5:*:sap:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_enterprise_backup_agent:10.5:*:sql:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_enterprise_backup_agent:10.5:*:sql:*:*:*:*:*
CVSS
Base: 7.5 (as of 11-07-2017 - 01:32)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 14453
cert-vn VU#279774
confirm http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33239
idefense 20050803 CA BrightStor ARCserve Backup Agent for MS SQL Server Buffer Overflow
xf brightstor-enterprise-backup-bo(21656)
saint via4
bid 14453
description BrightStor ARCserve Backup agent for MS-SQL buffer overflow
id misc_arcservesql
osvdb 18501
title brightstor_arcserve_mssql_agent
type remote
Last major update 11-07-2017 - 01:32
Published 05-08-2005 - 04:00
Last modified 11-07-2017 - 01:32
Back to Top