PT-2007-1175 · Ca · Ca Brightstor Arcserve Backup+3

Published

2007-01-16

Updated

2021-04-07

CVE-2006-5172

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: CA Brightstor ARCserve Backup versions 9.01 through 11.5 CA Enterprise Backup version 10.5 CA Protection Suites version r2

Description: The issue is a stack-based buffer overflow in the RPC interface in Mediasvr.exe, allowing remote attackers to execute arbitrary code via crafted SUNRPC packets.

Recommendations: For CA Brightstor ARCserve Backup versions 9.01 through 11.5, update to a version outside of this range to resolve the issue. For CA Enterprise Backup version 10.5, update to a version outside of this range to resolve the issue. For CA Protection Suites version r2, update to a version outside of this range to resolve the issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2006-5172

Affected Products

Ca Brightstor Arcserve Backup

Ca Enterprise Backup

Ca Protection Suites

Mediasvr.Exe

PT-2007-1175 · Ca · Ca Brightstor Arcserve Backup+3

CVE-2006-5172

Related Identifiers

Affected Products

References · 13