CVE-2006-6379

Buffer overflow in the BrightStor Backup Discovery Service in multiple CA products, including ARCserve Backup r11.5 SP1 and earlier, ARCserve Backup 9.01 up to 11.1, Enterprise Backup 10.5, and CA Server Protection Suite r2, allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://supportconnectw.ca.com/public/storage/infodocs/babsecurity-notice.asp	Vendor Advisory
http://www.securityfocus.com/bid/21502	Vendor Advisory
http://www.osvdb.org/30775
http://securitytracker.com/id?1017356
http://securityreason.com/securityalert/2010
http://www.vupen.com/english/advisories/2006/4910
https://exchange.xforce.ibmcloud.com/vulnerabilities/30791
http://www.securityfocus.com/archive/1/453916/100/0/threaded

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:sp1::::::
	cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:::::::*
	cpe:2.3:a:broadcom:brightstor_arcserve_backup:11:::::::*
	cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:::::::*
	cpe:2.3:a:broadcom:server_protection_suite:2:::::::*
	cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:::::::*
	cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:::::::*

Information

Published : 2006-12-10 11:28

Updated : 2021-04-09 11:54

NVD link : CVE-2006-6379

Mitre link : CVE-2006-6379

JSON object : View

CWE

NVD-CWE-Other

Products Affected

broadcom

brightstor_enterprise_backup
server_protection_suite
brightstor_arcserve_backup

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://supportconnectw.ca.com/public/storage/infodocs/babsecurity-notice.asp", "name": "http://supportconnectw.ca.com/public/storage/infodocs/babsecurity-notice.asp", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/21502", "name": "21502", "tags": ["Vendor Advisory"], "refsource": "BID"}, {"url": "http://www.osvdb.org/30775", "name": "30775", "tags": [], "refsource": "OSVDB"}, {"url": "http://securitytracker.com/id?1017356", "name": "1017356", "tags": [], "refsource": "SECTRACK"}, {"url": "http://securityreason.com/securityalert/2010", "name": "2010", "tags": [], "refsource": "SREASON"}, {"url": "http://www.vupen.com/english/advisories/2006/4910", "name": "ADV-2006-4910", "tags": [], "refsource": "VUPEN"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30791", "name": "brightstor-arcserv-discovery-bo(30791)", "tags": [], "refsource": "XF"}, {"url": "http://www.securityfocus.com/archive/1/453916/100/0/threaded", "name": "20061208 [CAID 34846]: CA BrightStor ARCserve Backup Discovery Service Buffer Overflow Vulnerability", "tags": [], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Buffer overflow in the BrightStor Backup Discovery Service in multiple CA products, including ARCserve Backup r11.5 SP1 and earlier, ARCserve Backup 9.01 up to 11.1, Enterprise Backup 10.5, and CA Server Protection Suite r2, allows remote attackers to execute arbitrary code via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2006-6379", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}}, "publishedDate": "2006-12-10T19:28Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:sp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:broadcom:server_protection_suite:2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2021-04-09T18:54Z"}

7.5 /10