Summary
| Detail | |||
|---|---|---|---|
| Vendor | Broadcom | First view | 1998-11-12 |
| Product | Arcserve Backup | Last view | 2012-03-21 |
| Version | Type | Application | |
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 5 | 2012-03-21 | CVE-2012-1662 | CA ARCserve Backup r12.0 through SP2, r12.5 before SP2, r15 through SP1, and r16 before SP1 on Windows allows remote attackers to cause a denial of service (service shutdown) via a crafted network request. |
| 10 | 2008-12-11 | CVE-2008-5415 | The LDBserver service in the server in CA ARCserve Backup 11.1 through 12.0 on Windows allows remote attackers to execute arbitrary code via a handle_t argument to an RPC endpoint in which the argument refers to an incompatible procedure. |
| 5 | 2008-10-14 | CVE-2008-4400 | Unspecified vulnerability in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash of multiple services) via crafted authentication credentials, related to "insufficient validation." |
| 5 | 2008-10-14 | CVE-2008-4399 | Unspecified vulnerability in the database engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request, related to "insufficient validation." |
| 5 | 2008-10-14 | CVE-2008-4398 | Unspecified vulnerability in the tape engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request. |
| 10 | 2008-10-14 | CVE-2008-4397 | Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a .. (dot dot) in an RPC call with opnum 0x10A. |
| 10 | 2001-09-15 | CVE-2001-0960 | Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 stores the backup agent user name and password in cleartext in the aremote.dmp file in the ARCSERVE$ hidden share, which allows local and remote attackers to gain privileges. |
| 6.4 | 2001-09-15 | CVE-2001-0959 | Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 creates a hidden share named ARCSERVE$, which allows remote attackers to obtain sensitive information and overwrite critical files. |
| 1.2 | 2001-05-18 | CVE-2001-1346 | Computer Associates ARCserveIT 6.61 and 6.63 (also called ARCservIT) allows local users to overwrite arbitrary files via a symlink attack on the temporary files (1) asagent.tmp or (2) inetd.tmp. |
| 10 | 1999-02-21 | CVE-1999-1049 | ARCserve NT agents use weak encryption (XOR) for passwords, which allows remote attackers to sniff the authentication request to port 6050 and decrypt the password. |
| 4.6 | 1998-11-12 | CVE-1999-1322 | The installation of 1ArcServe Backup and Inoculan AV client modules for Exchange create a log file, exchverify.log, which contains usernames and passwords in plaintext. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 83% (5) | CWE-20 | Improper Input Validation |
| 16% (1) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 50683 | CA ARCserve Backup on Windows LDBserver Service Client Data Verification Weak... |
| 49471 | CA ARCserve Backup asdbapi.dll Crafted Authentication Credential Remote DoS |
| 49470 | CA ARCserve Backup Database Engine Service (asdbapi.dll) Unspecified Crafted ... |
| 49469 | CA ARCserve Backup Tape Engine Service (asdbapi.dll) Unspecified Crafted Requ... |
| 49468 | CA ARCserve Backup RPC Interface (asdbapi.dll) Traversal Arbitrary Command Ex... |
| 10084 | Multiple Exchange Modules exchverify.log Login Credential Disclosure |
| 10083 | CA ARCserve NT Agents Weak Password Encryption |
| 6765 | CA ARCserveIT asagent inetd.tmp Temporary File Symlink Arbitrary File Overwrite |
| 5483 | CA ARCserve Hidden Share Information Disclosure |
| 5482 | CA ARCserve Backup Agent Credential Disclosure |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2009-B-0002 | Computer Associates ARCserve Backup LDBServer Remote Code Execution Vulnerabi... Severity: Category II - VMSKEY: V0017979 |
| 2008-B-0072 | Multiple Remote Vulnerabilities in Computer Associates ARCserve Backup Severity: Category I - VMSKEY: V0017743 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | DCERPC NCACN-IP-TCP CA Arcserve Backup directory traversal attempt RuleID : 19890 - Type : NETBIOS - Revision : 6 |
| 2014-01-10 | DCERPC NCACN-IP-TCP brightstor-arc function 0 overflow attempt RuleID : 17637 - Type : NETBIOS - Revision : 8 |
| 2014-01-10 | DCERPC NCACN-IP-TCP brightstor-arc function 0 object call overflow attempt RuleID : 17636 - Type : NETBIOS - Revision : 7 |
| 2014-01-10 | DCERPC NCACN-IP-TCP brightstor-arc function 0 little endian overflow attempt RuleID : 17635 - Type : NETBIOS - Revision : 11 |
| 2014-01-10 | DCERPC NCACN-IP-TCP brightstor-arc function 0 little endian object call overf... RuleID : 17634 - Type : NETBIOS - Revision : 8 |
| 2014-01-10 | CA ARCserve Backup DB Engine Denial of Service RuleID : 17520 - Type : SERVER-OTHER - Revision : 10 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2013-08-26 | Name: The remote host is affected by a remote code execution vulnerability. File: arcserve_backup_cve-2008-5415.nasl - Type: ACT_GATHER_INFO |
| 2012-04-05 | Name: The remote service is affected by a denial of service vulnerability. File: arcserve_backup_dos.nasl - Type: ACT_GATHER_INFO |
| 2008-10-14 | Name: Arbitrary code can be executed on the remote host. File: arcserve_command_exec.nasl - Type: ACT_GATHER_INFO |
| 2002-08-22 | Name: Backup share can be accessed without authentication. File: arcserve_hidden_share.nasl - Type: ACT_GATHER_INFO |
