ID CVE-2008-3175
Summary Integer underflow in rxRPC.dll in the LGServer service in the server in CA ARCserve Backup for Laptops and Desktops 11.0 through 11.5 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted message that triggers a buffer overflow.
References
Vulnerable Configurations
  • cpe:2.3:a:ca:arcserve_backup_for_laptops_and_desktops:11.0:*:*:*:*:*:*:*
    cpe:2.3:a:ca:arcserve_backup_for_laptops_and_desktops:11.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:arcserve_backup_for_laptops_and_desktops:11.1:*:*:*:*:*:*:*
    cpe:2.3:a:ca:arcserve_backup_for_laptops_and_desktops:11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:arcserve_backup_for_laptops_and_desktops:11.1:*:sp1:*:*:*:*:*
    cpe:2.3:a:ca:arcserve_backup_for_laptops_and_desktops:11.1:*:sp1:*:*:*:*:*
  • cpe:2.3:a:ca:arcserve_backup_for_laptops_and_desktops:11.1:*:sp2:*:*:*:*:*
    cpe:2.3:a:ca:arcserve_backup_for_laptops_and_desktops:11.1:*:sp2:*:*:*:*:*
  • cpe:2.3:a:ca:arcserve_backup_for_laptops_and_desktops:11.5:*:*:*:*:*:*:*
    cpe:2.3:a:ca:arcserve_backup_for_laptops_and_desktops:11.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:11.0:*:*:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:11.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:sp1:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:sp1:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:sp2:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:sp2:*:*:*:*:*
  • cpe:2.3:a:ca:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*
    cpe:2.3:a:ca:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:desktop_management_suite:11.1:*:*:*:*:*:*:*
    cpe:2.3:a:ca:desktop_management_suite:11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:desktop_management_suite:11.2:*:*:*:*:*:*:*
    cpe:2.3:a:ca:desktop_management_suite:11.2:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:protection_suites:2:*:*:*:*:*:*:*
    cpe:2.3:a:ca:protection_suites:2:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:protection_suites:3.0:*:*:*:*:*:*:*
    cpe:2.3:a:ca:protection_suites:3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ca:protection_suites:3.1:*:*:*:*:*:*:*
    cpe:2.3:a:ca:protection_suites:3.1:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 11-10-2018 - 20:47)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 30472
bugtraq 20080801 CA ARCserve Backup for Laptops and Desktops Server LGServer Service Vulnerability
confirm https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=181721
fulldisc 20080731 Assurent VR - CA ARCserve Backup for Laptops and Desktops LGServer Handshake Buffer Overflow
sectrack 1020590
secunia 31319
vupen ADV-2008-2286
xf ca-abld-rxrpc-bo(44137)
saint via4
bid 30472
description CA ARCserve Backup LGServer handshake buffer overflow
id misc_arcservecategory_lgserverhandshake
osvdb 47545
title brightstor_arcserve_lgserver_handshake
type remote
Last major update 11-10-2018 - 20:47
Published 01-08-2008 - 14:41
Last modified 11-10-2018 - 20:47
Back to Top