Summary
Detail | | | |
---|---|---|---|
Vendor | Broadcom | First view | 1998-11-12 |
Product | Arcserve Backup | Last view | 2012-03-21 |
Version | | Type | Application |
Update | | | |
Edition | | | |
Language | | | |
Software Edition | | | |
Target Software | | | |
Target Hardware | | | |
Other | | | |
Related : CVE
CVSS | Date | Alert | Description |
---|---|---|---|
5 | 2012-03-21 | CVE-2012-1662 | CA ARCserve Backup r12.0 through SP2, r12.5 before SP2, r15 through SP1, and r16 before SP1 on Windows allows remote attackers to cause a denial of service (service shutdown) via a crafted network request. |
10 | 2008-12-11 | CVE-2008-5415 | The LDBserver service in the server in CA ARCserve Backup 11.1 through 12.0 on Windows allows remote attackers to execute arbitrary code via a handle_t argument to an RPC endpoint in which the argument refers to an incompatible procedure. |
5 | 2008-10-14 | CVE-2008-4400 | Unspecified vulnerability in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash of multiple services) via crafted authentication credentials, related to "insufficient validation." |
5 | 2008-10-14 | CVE-2008-4399 | Unspecified vulnerability in the database engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request, related to "insufficient validation." |
5 | 2008-10-14 | CVE-2008-4398 | Unspecified vulnerability in the tape engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request. |
10 | 2008-10-14 | CVE-2008-4397 | Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a .. (dot dot) in an RPC call with opnum 0x10A. |
10 | 2001-09-15 | CVE-2001-0960 | Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 stores the backup agent user name and password in cleartext in the aremote.dmp file in the ARCSERVE$ hidden share, which allows local and remote attackers to gain privileges. |
6.4 | 2001-09-15 | CVE-2001-0959 | Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 creates a hidden share named ARCSERVE$, which allows remote attackers to obtain sensitive information and overwrite critical files. |
1.2 | 2001-05-18 | CVE-2001-1346 | Computer Associates ARCserveIT 6.61 and 6.63 (also called ARCservIT) allows local users to overwrite arbitrary files via a symlink attack on the temporary files (1) asagent.tmp or (2) inetd.tmp. |
10 | 1999-02-21 | CVE-1999-1049 | ARCserve NT agents use weak encryption (XOR) for passwords, which allows remote attackers to sniff the authentication request to port 6050 and decrypt the password. |
4.6 | 1998-11-12 | CVE-1999-1322 | The installation of 1ArcServe Backup and Inoculan AV client modules for Exchange create a log file, exchverify.log, which contains usernames and passwords in plaintext. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
83% (5) | CWE-20 | Improper Input Validation |
16% (1) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
50683 | CA ARCserve Backup on Windows LDBserver Service Client Data Verification Weak... |
49471 | CA ARCserve Backup asdbapi.dll Crafted Authentication Credential Remote DoS |
49470 | CA ARCserve Backup Database Engine Service (asdbapi.dll) Unspecified Crafted ... |
49469 | CA ARCserve Backup Tape Engine Service (asdbapi.dll) Unspecified Crafted Requ... |
49468 | CA ARCserve Backup RPC Interface (asdbapi.dll) Traversal Arbitrary Command Ex... |
10084 | Multiple Exchange Modules exchverify.log Login Credential Disclosure |
10083 | CA ARCserve NT Agents Weak Password Encryption |
6765 | CA ARCserveIT asagent inetd.tmp Temporary File Symlink Arbitrary File Overwrite |
5483 | CA ARCserve Hidden Share Information Disclosure |
5482 | CA ARCserve Backup Agent Credential Disclosure |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2009-B-0002 | Computer Associates ARCserve Backup LDBServer Remote Code Execution Vulnerabi... Severity: Category II - VMSKEY: V0017979 |
2008-B-0072 | Multiple Remote Vulnerabilities in Computer Associates ARCserve Backup Severity: Category I - VMSKEY: V0017743 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | DCERPC NCACN-IP-TCP CA Arcserve Backup directory traversal attempt RuleID : 19890 - Type : NETBIOS - Revision : 6 |
2014-01-10 | DCERPC NCACN-IP-TCP brightstor-arc function 0 overflow attempt RuleID : 17637 - Type : NETBIOS - Revision : 8 |
2014-01-10 | DCERPC NCACN-IP-TCP brightstor-arc function 0 object call overflow attempt RuleID : 17636 - Type : NETBIOS - Revision : 7 |
2014-01-10 | DCERPC NCACN-IP-TCP brightstor-arc function 0 little endian overflow attempt RuleID : 17635 - Type : NETBIOS - Revision : 11 |
2014-01-10 | DCERPC NCACN-IP-TCP brightstor-arc function 0 little endian object call overf... RuleID : 17634 - Type : NETBIOS - Revision : 8 |
2014-01-10 | CA ARCserve Backup DB Engine Denial of Service RuleID : 17520 - Type : SERVER-OTHER - Revision : 10 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-08-26 | Name: The remote host is affected by a remote code execution vulnerability. File: arcserve_backup_cve-2008-5415.nasl - Type: ACT_GATHER_INFO |
2012-04-05 | Name: The remote service is affected by a denial of service vulnerability. File: arcserve_backup_dos.nasl - Type: ACT_GATHER_INFO |
2008-10-14 | Name: Arbitrary code can be executed on the remote host. File: arcserve_command_exec.nasl - Type: ACT_GATHER_INFO |
2002-08-22 | Name: Backup share can be accessed without authentication. File: arcserve_hidden_share.nasl - Type: ACT_GATHER_INFO |