Lucene search
SAINT CorporationSAINT:53FCF127771E89CD8C76DA47C3BF6B4BHistoryDec 08, 2006 - 12:00 a.m.
BrightStor ARCserve Discovery service 9b command buffer overflow
2006-12-0800:00:00
SAINT Corporation
download.saintcorporation.com
27
EPSS
0.911
Percentile
98.9%
Added: 12/08/2006
CVE: CVE-2006-6379
BID: 21502
OSVDB: 30775
Background
The BrightStor ARCserve Backup server includes a discovery service which listens on ports 41523/TCP and 41524/UDP.
Problem
A buffer overflow vulnerability in the **ASBRDCST.DLL** library allows remote attackers to execute arbitrary commands by sending a specially crafted command of type 9b to the discovery service.
Resolution
Apply a fix from Computer Associates.
References
<http://supportconnectw.ca.com/public/storage/infodocs/babsecurity-notice.asp>
Limitations
Exploit works on BrightStor ARCserve Backup 11.1 SP2.
Platforms
Windows
Related
saint
saint
BrightStor ARCserve Discovery service 9b command buffer overflow
2006-12-08 00:00:00
BrightStor ARCserve Discovery service 9b command buffer overflow
2006-12-08 00:00:00
BrightStor ARCserve Discovery service 9b command buffer overflow
2006-12-08 00:00:00
cve
cve
CVE-2006-6379
2006-12-10 19:28:00
checkpoint_advisories
checkpoint_advisories
CA Products Discovery Service Remote Buffer Overflow (CVE-2006-6379)
2007-02-07 00:00:00
exploitdb
exploitdb
CA BrightStor ARCserve Backup - Remote Overflow
2005-08-03 00:00:00
nessus
nessus
CA BrightStor ARCserve Backup Discovery Service Overflow
2006-12-12 00:00:00
nvd
nvd
CVE-2006-6379
2006-12-10 19:28:00
securityvulns
securityvulns
cvelist
cvelist
CVE-2006-6379
2006-12-10 19:00:00