PT-2005-3429 · Ca · Ca Brightstor Arcserve Backup

Cybertronic · Published 2005-08-10 · Updated 2021-05-20 · CVE-2005-2535

CVSS v2.0: 7.5 High

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

BrightStor ARCserve Backup versions 9.0 through 11.1

Description

A buffer overflow issue exists in the Discovery Service of the affected software, allowing remote attackers to execute arbitrary commands. This is achieved by sending a large packet to TCP port 41523.

Recommendations

For versions 9.0 through 11.1, update to a version that contains a fix for this issue to prevent remote attackers from executing arbitrary commands. As a temporary workaround, consider restricting access to TCP port 41523 to minimize the risk of exploitation.

Exploit

Fix

Related Identifiers

CVE-2005-2535

Affected Products

Ca Brightstor Arcserve Backup