CVE-2006-6076

Severity

99%

Complexity

99%

Confidentiality

165%

A denial-of-service condition may also result from exploit attempts.

Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier allows remote attackers to execute arbitrary code via certain RPC requests to TCP port 6502.

A denial-of-service condition may also result from exploit attempts.

CVSS 2.0 Base Score 9.9. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C).

Overview

Type

Computer Associates BrightStor

First reported 18 years ago

2006-11-24 17:07:00

Last updated 6 years ago

2018-10-17 21:46:00

Affected Software

Computer Associates BrightStor ARCserve Backup 11.1

11.1

Computer Associates BrightStor ARCserve Backup

Computer Associates BrightStor ARCServe Backup 11.5 SP1

11.5

References

20061121 LS-20061113 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability

20061122 LS-20061113 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability

23060

Vendor Advisory

24512

1017268

http://supportconnectw.ca.com/public/storage/infodocs/babtapeng-securitynotice.asp

VU#437300

US Government Resource

20061121 LS-20061113 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability

20061122 RE: LS-20061113 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability

20070111 [CAID 34955, 34956, 34957, 34958, 34959, 34817]: CA BrightStor ARCserve Backup Multiple Overflow Vulnerabilities

21221

ADV-2006-4654

http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=101317

http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34817

cabrightstorarcserve-tapeeng-bo(30453)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.