Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Arcserve_backup
(Broadcom)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 12 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2008-10-14 | CVE-2008-4399 | Unspecified vulnerability in the database engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request, related to "insufficient validation." | Arcserve_backup, Business_protection_suite, Server_protection_suite, Arcserve_backup, Business_protection_suite | N/A | ||
| 2008-10-14 | CVE-2008-4398 | Unspecified vulnerability in the tape engine service in asdbapi.dll in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to cause a denial of service (crash) via a crafted request. | Arcserve_backup, Business_protection_suite, Server_protection_suite, Arcserve_backup, Business_protection_suite | N/A | ||
| 2008-10-14 | CVE-2008-4397 | Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a .. (dot dot) in an RPC call with opnum 0x10A. | Arcserve_backup, Business_protection_suite, Server_protection_suite, Arcserve_backup, Business_protection_suite | N/A | ||
| 1998-11-12 | CVE-1999-1322 | The installation of 1ArcServe Backup and Inoculan AV client modules for Exchange create a log file, exchverify.log, which contains usernames and passwords in plaintext. | Arcserve_backup, Inoculan, Exchange_server | N/A | ||
| 2012-03-22 | CVE-2012-1662 | CA ARCserve Backup r12.0 through SP2, r12.5 before SP2, r15 through SP1, and r16 before SP1 on Windows allows remote attackers to cause a denial of service (service shutdown) via a crafted network request. | Arcserve_backup | N/A | ||
| 2008-12-11 | CVE-2008-5415 | The LDBserver service in the server in CA ARCserve Backup 11.1 through 12.0 on Windows allows remote attackers to execute arbitrary code via a handle_t argument to an RPC endpoint in which the argument refers to an incompatible procedure. | Arcserve_backup, Arcserve_backup | N/A | ||
| 2001-05-18 | CVE-2001-1346 | Computer Associates ARCserveIT 6.61 and 6.63 (also called ARCservIT) allows local users to overwrite arbitrary files via a symlink attack on the temporary files (1) asagent.tmp or (2) inetd.tmp. | Arcserve_backup, Arcserve_backup | N/A | ||
| 2001-09-15 | CVE-2001-0960 | Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 stores the backup agent user name and password in cleartext in the aremote.dmp file in the ARCSERVE$ hidden share, which allows local and remote attackers to gain privileges. | Arcserve_backup, Arcserve_backup_2000, Arcserve_backup_2000 | N/A | ||
| 2001-09-15 | CVE-2001-0959 | Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 creates a hidden share named ARCSERVE$, which allows remote attackers to obtain sensitive information and overwrite critical files. | Arcserve_backup, Arcserve_backup_2000, Arcserve_backup_2000 | N/A | ||
| 1999-02-21 | CVE-1999-1049 | ARCserve NT agents use weak encryption (XOR) for passwords, which allows remote attackers to sniff the authentication request to port 6050 and decrypt the password. | Arcserve_backup | N/A |