Vulnerability in N/a

CVE-2006-6917

Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup R11.5 Server before SP2 allows remote attackers to execute arbitrary code in the Tape Engine (tapeeng.exe) via a crafted RPC request with (1) opnum 38, which…

EPSS: 0.512 (97.9th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

References

supportconnectw.ca.com/public/storage/infodocs/basbrtapeeng-secnotice.asp (x_refsource_MISC)
20061211 Re: LS-20061001 - Computer Associates BrightStor ARCserve Backup (mailing-list, x_refsource_BUGTRAQ)
www3.ca.com/securityadvisor/newsinfo/collateral.aspx (x_refsource_CONFIRM)
www.lssec.com/advisories/LS-20061001.pdf (x_refsource_MISC)
20070111 [CAID 34955, 34956, 34957, 34958, 34959, 34817]: CA BrightStor ARCserve Backup Multiple Overflow Vulnerabilities (mailing-list, x_refsource_BUGTRAQ)
www3.ca.com/securityadvisor/vulninfo/vuln.aspx (x_refsource_CONFIRM)
20061211 Re: LS-20060908 - Computer Associates BrightStor ARCserve Backup (mailing-list, x_refsource_BUGTRAQ)
20070109 CA BrightStor ARCserve Backup Tape Engine Exploit Security Notice (mailing-list, x_refsource_BUGTRAQ)
20061208 LS-20060908 - Computer Associates BrightStor ARCserve Backup v11.5 Remote Buffer Overflow Vulnerability (mailing-list, x_refsource_BUGTRAQ)
3086 (exploit, x_refsource_EXPLOIT-DB)