ID CVE-2006-5171
Summary Stack-based buffer overflow in the RPC interface in Mediasvr.exe in Computer Associates (CA) Brightstor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Protection Suites r2 allows remote attackers to execute arbitrary code via crafted SUNRPC packets, aka the "Mediasvr.exe Overflow," a different vulnerability than CVE-2006-5172.
References
Vulnerable Configurations
  • cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:brightstor_arcserve_backup:-:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:brightstor_arcserve_backup:-:*:macintosh:*:*:*:*:*
  • cpe:2.3:a:broadcom:brightstor_arcserve_backup:-:*:netware:*:*:*:*:*
  • cpe:2.3:a:broadcom:brightstor_arcserve_backup:-:*:oracle:*:*:*:*:*
  • cpe:2.3:a:broadcom:brightstor_arcserve_backup:-:*:solaris:*:*:*:*:*
  • cpe:2.3:a:broadcom:brightstor_arcserve_backup:-:*:tru64:*:*:*:*:*
  • cpe:2.3:a:broadcom:brightstor_arcserve_backup:-:*:windows:*:*:*:*:*
  • cpe:2.3:a:broadcom:brightstor_arcserve_backup:10.5:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:brightstor_arcserve_backup:11:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:sp1:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:sp2:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:protection_suites:r2:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 07-04-2021 - 18:20)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
Vector: NETWORK
Complexity: LOW
Authentication: NONE
Impact
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 22015
bugtraq 20070111 [CAID 34955, 34956, 34957, 34958, 34959, 34817]: CA BrightStor ARCserve Backup Multiple Overflow Vulnerabilities
confirm http://supportconnectw.ca.com/public/storage/infodocs/babimpsec-notice.asp
iss 20070111 Computer Associates Brightstor ARCserve Mediasvr.exe Overflow
osvdb 31319
sectrack 1017506
secunia 23648
vupen ADV-2007-0154
xf backup-product-buffer-overflow(29343)
Last major update 07-04-2021 - 18:20
Published 16-01-2007 - 20:28
Last modified 07-04-2021 - 18:20