PT-2007-7438 · Ca · Ca Arcserve Backup

Luigi Auriemma

Published

2007-04-10

Updated

2021-04-07

CVE-2008-1979

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions CA ARCserve Backup versions 12.0.5454.0 and earlier

Description The issue allows remote attackers to cause a denial of service (crash) via a packet with a large integer value used in an increment to TCP port 41523, which triggers a buffer over-read.

Recommendations For CA ARCserve Backup versions 12.0.5454.0 and earlier, consider restricting access to TCP port 41523 as a temporary workaround until a patch is available.

Exploit

Fix

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-189

Related Identifiers

CVE-2008-1979

Affected Products

Ca Arcserve Backup

PT-2007-7438 · Ca · Ca Arcserve Backup

CVE-2008-1979

Weakness Enumeration

Related Identifiers

Affected Products

References · 11