ID CVE-2005-2535
Summary Buffer overflow in the Discovery Service in BrightStor ARCserve Backup 9.0 through 11.1 allows remote attackers to execute arbitrary commands via a large packet to TCP port 41523, a different vulnerability than CVE-2005-0260.
References
Vulnerable Configurations
  • cpe:2.3:a:ca:arcserve_backup_2000:r16.5:*:windows:ja:*:*:*:*
    cpe:2.3:a:ca:arcserve_backup_2000:r16.5:*:windows:ja:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:7.0:*:linux:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:7.0:*:linux:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:9.0:*:linux:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:9.0:*:linux:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:9.0:*:linux:ja:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:9.0:*:linux:ja:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:9.0:*:netware:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:9.0:*:netware:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:9.0.1:*:windows:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:9.0.1:*:windows:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:11.0:*:windows:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:11.0:*:windows:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:aix:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:aix:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:linux:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:linux:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:macintosh:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:macintosh:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:netware:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:netware:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:solaris:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:solaris:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:tru64:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:tru64:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:windows:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:windows:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup_hp:11.1:*:hp:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup_hp:11.1:*:hp:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_enterprise_backup:10:*:solaris:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_enterprise_backup:10:*:solaris:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_enterprise_backup:10.0:*:*:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_enterprise_backup:10.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_enterprise_backup:10.0:*:aix:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_enterprise_backup:10.0:*:aix:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_enterprise_backup:10.0:*:hpux:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_enterprise_backup:10.0:*:hpux:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_enterprise_backup:10.0:*:mainframe_linux:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_enterprise_backup:10.0:*:mainframe_linux:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:aix:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:aix:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:hp:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:hp:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:solaris:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:solaris:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:tru64:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:tru64:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:windows:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_enterprise_backup:10.5:*:windows:*:*:*:*:*
CVSS
Base: 7.5 (as of 16-11-2017 - 18:31)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 12536
bugtraq
  • 20050211 BrightStor ARCserve Backup buffer overflow PoC
  • 20050211 Re: BrightStor ARCserve Backup buffer overflow PoC
  • 20050215 Re: BrightStor ARCserve Backup buffer overflow PoC
cert-vn VU#966880
confirm http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?ID=32478
osvdb 13814
secunia 14293
xf brightstor-discovery-servicepc-bo(19320)
saint via4
bid 12536
description BrightStor ARCserve Backup discovery service buffer overflow
osvdb 13814
title brightstor_arcserve_discovery
type remote
Last major update 16-11-2017 - 18:31
Published 10-08-2005 - 04:00
Last modified 16-11-2017 - 18:31
Back to Top