ID CVE-2008-1329
Summary Unspecified vulnerability in the NetBackup service in CA ARCserve Backup for Laptops and Desktops r11.0 through r11.5, and Suite 11.1 and 11.2, allows remote attackers to execute arbitrary commands, related to "insufficient verification of file uploads."
References
Vulnerable Configurations
  • cpe:2.3:a:ca:desktop_management_suite:11.1:*:*:*:*:*:*:*
    cpe:2.3:a:ca:desktop_management_suite:11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:computer_associates:arcserve_backup_laptops_and_desktops:r11.0:*:*:*:*:*:*:*
    cpe:2.3:a:computer_associates:arcserve_backup_laptops_and_desktops:r11.0:*:*:*:*:*:*:*
  • cpe:2.3:a:computer_associates:arcserve_backup_laptops_and_desktops:r11.1:*:*:*:*:*:*:*
    cpe:2.3:a:computer_associates:arcserve_backup_laptops_and_desktops:r11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:computer_associates:arcserve_backup_laptops_and_desktops:r11.1:sp1:*:*:*:*:*:*
    cpe:2.3:a:computer_associates:arcserve_backup_laptops_and_desktops:r11.1:sp1:*:*:*:*:*:*
  • cpe:2.3:a:computer_associates:arcserve_backup_laptops_and_desktops:r11.1:sp2:*:*:*:*:*:*
    cpe:2.3:a:computer_associates:arcserve_backup_laptops_and_desktops:r11.1:sp2:*:*:*:*:*:*
  • cpe:2.3:a:computer_associates:arcserve_backup_laptops_and_desktops:r11.5:*:*:*:*:*:*:*
    cpe:2.3:a:computer_associates:arcserve_backup_laptops_and_desktops:r11.5:*:*:*:*:*:*:*
  • cpe:2.3:a:computer_associates:desktop_management_suite:11.2:*:english:*:*:*:*:*
    cpe:2.3:a:computer_associates:desktop_management_suite:11.2:*:english:*:*:*:*:*
  • cpe:2.3:a:computer_associates:desktop_management_suite:11.2:*:localized:*:*:*:*:*
    cpe:2.3:a:computer_associates:desktop_management_suite:11.2:*:localized:*:*:*:*:*
CVSS
Base: 10.0 (as of 11-10-2018 - 20:31)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 28616
bugtraq 20080404 CA ARCserve Backup for Laptops and Desktops Server and CA Desktop Management Suite Multiple Vulnerabilities
confirm https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=173105
sectrack 1019788
sreason 3800
vupen ADV-2008-1104
xf ca-arcserverbackup-netbackup-code-execution(41642)
saint via4
bid 28616
description CA ARCserve Backup for Laptops and Desktops LGServer service code execution
id misc_arcservecategory_lgservernb
osvdb 44320
title brightstor_arcserve_lgserver2
type remote
Last major update 11-10-2018 - 20:31
Published 07-04-2008 - 18:44
Last modified 11-10-2018 - 20:31
Back to Top