ID CVE-2006-6076
Summary Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier allows remote attackers to execute arbitrary code via certain RPC requests to TCP port 6502. A denial-of-service condition may also result from exploit attempts.
References
Vulnerable Configurations
  • cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:windows:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:windows:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:-:*:*:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:-:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:-:*:macintosh:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:-:*:macintosh:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:-:*:netware:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:-:*:netware:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:-:*:oracle:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:-:*:oracle:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:-:*:solaris:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:-:*:solaris:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:-:*:tru64:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:-:*:tru64:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:-:*:windows:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:-:*:windows:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:10.5:*:*:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:10.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:*:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:11.5:sp1:*:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:11.5:sp1:*:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:11.5:sp2:*:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:11.5:sp2:*:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup_agent:11.0:*:sql:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup_agent:11.0:*:sql:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup_agent:11.1:*:sql:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup_agent:11.1:*:sql:*:*:*:*:*
CVSS
Base: 10.0 (as of 17-10-2018 - 21:46)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 21221
bugtraq
  • 20061121 LS-20061113 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability
  • 20061122 RE: LS-20061113 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability
  • 20070111 [CAID 34955, 34956, 34957, 34958, 34959, 34817]: CA BrightStor ARCserve Backup Multiple Overflow Vulnerabilities
cert-vn VU#437300
confirm
fulldisc
  • 20061121 LS-20061113 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability
  • 20061122 LS-20061113 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability
sectrack 1017268
secunia
  • 23060
  • 24512
vupen ADV-2006-4654
xf cabrightstorarcserve-tapeeng-bo(30453)
saint via4
  • bid 21221
    description BrightStor ARCserve Backup Tape Engine GetGroupStatus buffer overflow
    id misc_arcservetape
    osvdb 30637
    title brightstor_arcserve_tape_getgroupstatus
    type remote
  • bid 21221
    description BrightStor ARCserve Backup Tape Engine ReserveGroup buffer overflow
    id misc_arcservetape
    osvdb 30637
    title brightstor_arcserve_tape_reservegroup
    type remote
Last major update 17-10-2018 - 21:46
Published 24-11-2006 - 17:07
Last modified 17-10-2018 - 21:46
Back to Top