CVE-2008-5415

Description

The LDBserver service in the server in CA ARCserve Backup 11.1 through 12.0 on Windows allows remote attackers to execute arbitrary code via a handle_t argument to an RPC endpoint in which the argument refers to an incompatible procedure.

Related CPE's

a ca arcserve_backup r11.1 *******

a ca arcserve_backup r11.5 *******

a broadcom arcserve_backup r12.0 *******

o microsoft windows ********

References

32764

https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=194293

PatchVendor Advisory

http://community.ca.com/blogs/casecurityresponseblog/archive/2008/12/10.aspx

27299

Vendor Advisory

http://secunia.com/secunia_research/2007-82/

Vendor Advisory

50683

4708

ADV-2008-3404

Vendor Advisory

20081211 Secunia Research: CA ARCserve Backup RPC "handle_t" Argument Vulnerability

20081210 CA ARCserve Backup LDBserver Vulnerability

CvssV3 impact

Could not find any metrics

CvssV2 impact

Version	2.0
VectorString	AV:N/AC:L/Au:N/C:C/I:C/A:C
AccessVector	NETWORK
AccessComplexity	LOW
Authentication	NONE
ConfidentialityImpact	COMPLETE
IntegrityImpact	COMPLETE
AvailabilityImpact	COMPLETE
BaseScore	10

Created by Yello

About Severity.io