10

CVE-2006-6917

Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup R11.5 Server before SP2 allows remote attackers to execute arbitrary code in the Tape Engine (tapeeng.exe) via a crafted RPC request with (1) opnum 38, which is not properly handled in TAPEUTIL.dll 11.5.3884.0, or (2) opnum 37, which is not properly handled in TAPEENG.dll 11.5.3884.0.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 29.35% 0.979
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.securityfocus.com/archive/1/456711
http://supportconnectw.ca.com/public/storage/infodocs/basbrtapeeng-secnotice.asp
http://www.lssec.com/advisories/LS-20060908.pdf
http://www.lssec.com/advisories/LS-20061001.pdf
http://www.securityfocus.com/archive/1/453930/30/390/threaded
http://www.securityfocus.com/archive/1/453933/30/420/threaded
http://www.securityfocus.com/archive/1/454088/30/0/threaded
http://www.securityfocus.com/archive/1/454094/30/360/threaded
http://www.securityfocus.com/archive/1/456428/100/0/threaded
http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97428
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34959
https://www.exploit-db.com/exploits/3086