NASLDB: CA BrightStor ARCserve Backup Tape Engine and Portmapper Multiple Vulnerabilities (QO86255)
General
ID: 24816
Name: CA BrightStor ARCserve Backup Tape Engine and Portmapper Multiple Vulnerabilities (QO86255)
Summary: Checks version of BrightStor ARCserve Backup
Credits: Tenable Network Security, Inc.
Classification
Risk: –
CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Temporal Vector: CVSS2#E:F/RL:OF/RC:C
Port: –
Family: Windows
Type: Remote
Description
According to its version, the installation of BrightStor ARCserve
Backup on the remote host is affected by multiple buffer overflows
involving the application’s Tape Engine and portmapper services. An
unauthenticated, remote attacker may be able to leverage these issues
to crash or disable the services or to execute arbitrary code on the
affected host with SYSTEM privileges.
Exploiting
Exploit Available: True
Exploitability Ease: Exploits are available
Sources
CVE: CVE-2006-6076
OSVDB: –
Bugtraq: 21221
scipID: –
Timeline
Vulnerability Disclosure: 2006/11/21
Patch Release: –
Plugin Release: 2007/03/16
Plugin
Version: 1.15
Filename: arcserve_qo86255.nasl
Filesize: 3457 bytes
MD5 Hash: 1a8adc21e268eb53588444421e7ecfc4
Identification: ARCSERVE/Discovery/Version
Require Keys: ARCSERVE/Discovery/Version
Dependencies: "arcserve_discovery_service_detect.nasl"
Copyright: This script is Copyright© 2007-2012 Tenable Network Security, Inc.
- Latest Plugins
- USN-1611-1 : thunderbird vulnerabilities
- USN-1610-1 : linux vulnerability
- USN-1609-1 : linux-ti-omap4 vulnerability
- SuSE 10 Security Update : PostgreSQL
- RHSA-2012-1364: bind97
- RHSA-2012-1363: bind
- RHSA-2012-1362: thunderbird
- RHSA-2012-1361: xulrunner
- Mandriva Linux Security Advisory : graphicsmagick
- FreeBSD : phpMyAdmin — Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages and Fetching the version information from a non-SSL site is vulnerable to a MITM attack