CVE-2006-5172

Description

Stack-based buffer overflow in the RPC interface in Mediasvr.exe in Computer Associates (CA) Brightstor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Protection Suites r2 allows remote attackers to execute arbitrary code via crafted SUNRPC packets, aka the "Mediasvr.exe String Handling Overflow," a different vulnerability than CVE-2006-5171.

Related CPE's

Could not find any relations

References

http://supportconnectw.ca.com/public/storage/infodocs/babimpsec-notice.asp

Exploit

20070111 Computer Associates Brightstor ARCserve Mediasvr.exe String Handling Overflow

22016

23648

1017506

20070111 [CAID 34955, 34956, 34957, 34958, 34959, 34817]: CA BrightStor ARCserve Backup Multiple Overflow Vulnerabilities

31320

ADV-2007-0154

backup-product-string-overflow(29344)

CvssV3 impact

Could not find any metrics

CvssV2 impact

Version	2.0
VectorString	AV:N/AC:L/Au:N/C:C/I:C/A:C
AccessVector	NETWORK
AccessComplexity	LOW
Authentication	NONE
ConfidentialityImpact	COMPLETE
IntegrityImpact	COMPLETE
AvailabilityImpact	COMPLETE
BaseScore	10

Created by Yello

About Severity.io