exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2007-0169

Status Candidate

Overview

Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Server/Business Protection Suite r2 allow remote attackers to execute arbitrary code via RPC requests with crafted data for opnums (1) 0x2F and (2) 0x75 in the (a) Message Engine RPC service, or opnum (3) 0xCF in the Tape Engine service.

Related Files

CA BrightStor ARCserve Message Engine Buffer Overflow
Posted Nov 26, 2009
Authored by patrick, MC | Site metasploit.com

This Metasploit module exploits a buffer overflow in Computer Associates BrightStor ARCserve Backup 11.1 - 11.5 SP2. By sending a specially crafted RPC request, an attacker could overflow the buffer and execute arbitrary code.

tags | exploit, overflow, arbitrary
advisories | CVE-2007-0169
SHA-256 | 38992c01beb75cb04dd805a9bcadb1dab7921b19db704a8f59418f9d845fc536
CAID-multi.txt
Posted Jan 14, 2007
Authored by Ken Williams | Site www3.ca.com

CA BrightStor ARCserve Backup contains multiple overflow conditions that can allow a remote attacker to execute arbitrary code with local SYSTEM privileges on Windows. The BrightStor ARCserve Backup Tape Engine service, Mediasvr service, and ASCORE.dll file are affected.

tags | advisory, remote, overflow, arbitrary, local
systems | windows
advisories | CVE-2006-5171, CVE-2006-5172, CVE-2007-0168, CVE-2007-0169, CVE-2006-6076, CVE-2006-6917
SHA-256 | 277d1dc497086cde18530d9b1513f826b6a78561bd1e1048a84224d877383608
Zero Day Initiative Advisory 07-04
Posted Jan 14, 2007
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Computer Associates BrightStor ARCserve Backup. User interaction is not required to exploit this vulnerability. The specific flaw exists in the Tape Engine RPC service which listens by default on TCP port 6503. Affected include BrightStor ARCserve Backup r11.5, BrightStor ARCserve Backup r11.1, BrightStor ARCserve Backup r11, BrightStor Enterprise Backup r10.5, and BrightStor ARCserve Backup v9.01.

tags | advisory, arbitrary, tcp
advisories | CVE-2007-0169
SHA-256 | 989087a7ed2d42991f6c3cdb64913d73a610e31e9ff390c4654a2792a1d17e52
Zero Day Initiative Advisory 07-03
Posted Jan 14, 2007
Authored by Tipping Point | Site zerodayinitiative.com

A vulnerability allows attackers to execute arbitrary code on vulnerable installations of Computer Associates BrightStor ARCserve Backup. User interaction is not required to exploit this vulnerability. The specific flaws exists in the Message Engine RPC service which listens by default on TCP ports 6503 and 6504. Affected include BrightStor ARCserve Backup r11.5, BrightStor ARCserve Backup r11.1, BrightStor ARCserve Backup r11, BrightStor Enterprise Backup r10.5, and BrightStor ARCserve Backup v9.01.

tags | advisory, arbitrary, tcp
advisories | CVE-2007-0169
SHA-256 | 9b55a07b1f727791ae4ace2201edb7d2cac96bc0b34845f31c6f01a415a4807e
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    0 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close