CVE-2006-5171

Severity

99%

Complexity

99%

Confidentiality

165%

Stack-based buffer overflow in the RPC interface in Mediasvr.exe in Computer Associates (CA) Brightstor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Protection Suites r2 allows remote attackers to execute arbitrary code via crafted SUNRPC packets, aka the "Mediasvr.exe Overflow," a different vulnerability than CVE-2006-5172.

Stack-based buffer overflow in the RPC interface in Mediasvr.exe in Computer Associates (CA) Brightstor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Protection Suites r2 allows remote attackers to execute arbitrary code via crafted SUNRPC packets, aka the "Mediasvr.exe Overflow," a different vulnerability than CVE-2006-5172.

CVSS 2.0 Base Score 9.9. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C).

Overview

Type

Computer Associates BrightStor

First reported 18 years ago

2007-01-16 20:28:00

Last updated 7 years ago

2017-07-20 01:33:00

Affected Software

Computer Associates BrightStor ARCserve Backup 9.01

9.01

Computer Associates BrightStor ARCserve Backup

Computer Associates BrightStor Enterprise Backup 10.5

10.5

References

31319

23648

1017506

http://supportconnectw.ca.com/public/storage/infodocs/babimpsec-notice.asp

Patch, Vendor Advisory

20070111 Computer Associates Brightstor ARCserve Mediasvr.exe Overflow

Patch, Vendor Advisory

20070111 [CAID 34955, 34956, 34957, 34958, 34959, 34817]: CA BrightStor ARCserve Backup Multiple Overflow Vulnerabilities

22015

ADV-2007-0154

backup-product-buffer-overflow(29343)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.