The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Computer Associates Brightstor ARCserve Backup

vulnerability bulletin CVE-2012-1662

CA ARCserve Backup: denial of service

Synthesis of the vulnerability

A network attacker can send malformed queries, in order to stop services of CA ARCserve Backup.
Impacted products: ARCserve Backup.
Severity: 2/4.
Consequences: denial of service on service.
Provenance: intranet client.
Creation date: 21/03/2012.
Identifiers: BID-52655, CA20120320-01, CERTA-2012-AVI-168, CVE-2012-1662, VIGILANCE-VUL-11463.

Description of the vulnerability

The CA ARCserve Backup for Windows product installs services listening on ports.

A network attacker can send malformed queries, in order to stop services of CA ARCserve Backup.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert 10066

CA ARCserve Backup: buffer overflow

Synthesis of the vulnerability

An attacker can send a malicious RPC query, in order to generate a buffer overflow in CA ARCserve Backup, leading to code execution.
Impacted products: ARCserve Backup.
Severity: 3/4.
Consequences: user access/rights.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 2.
Creation date: 22/10/2010.
Identifiers: BID-62582, VIGILANCE-VUL-10066.

Description of the vulnerability

Two vulnerabilities were announced in CA ARCserve Backup.

An attacker can send a RPC query to ARCserve Message Engine (port 6504) in order to create a buffer overflow. [severity:3/4]

An attacker can send a RPC query to ARCserve Message Tape (port 6502) in order to create a buffer overflow. [severity:3/4; BID-62582]

An attacker can therefore send a malicious RPC query, in order to generate a buffer overflow in CA ARCserve Backup, leading to code execution.
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2010-2157

CA ARCserve Backup: information disclosure

Synthesis of the vulnerability

A local attacker can use a vulnerability of CA ARCserve Backup, in order to obtain information.
Impacted products: ARCserve Backup.
Severity: 1/4.
Consequences: data reading.
Provenance: user account.
Creation date: 04/06/2010.
Identifiers: BID-40566, CA20100603-01, CERTA-2010-AVI-240, CVE-2010-2157, VIGILANCE-VUL-9683.

Description of the vulnerability

The CA ARCserve Backup product manages backups.

A local attacker can use a vulnerability of CA ARCserve Backup, in order to obtain information.

 This vulnerability could for example be used to access to backups.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Computer Associates Brightstor ARCserve Backup: