Vulnerability Details CVE-2006-6076
Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier allows remote attackers to execute arbitrary code via certain RPC requests to TCP port 6502.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.74
EPSS Ranking 98.7%
CVSS Severity
CVSS v2 Score 10.0
References
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050808.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050814.html
- http://secunia.com/advisories/23060
- http://secunia.com/advisories/24512
- http://securitytracker.com/id?1017268
- http://supportconnectw.ca.com/public/storage/infodocs/babtapeng-securitynotice.asp
- http://www.kb.cert.org/vuls/id/437300
- http://www.securityfocus.com/archive/1/452222/100/0/threaded
- http://www.securityfocus.com/archive/1/452318/100/0/threaded
- http://www.securityfocus.com/archive/1/456711
- http://www.securityfocus.com/bid/21221
- http://www.vupen.com/english/advisories/2006/4654
- http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=101317
- http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34817
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30453
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050808.html
- http://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050814.html
- http://secunia.com/advisories/23060
- http://secunia.com/advisories/24512
- http://securitytracker.com/id?1017268
- http://supportconnectw.ca.com/public/storage/infodocs/babtapeng-securitynotice.asp
- http://www.kb.cert.org/vuls/id/437300
- http://www.securityfocus.com/archive/1/452222/100/0/threaded
- http://www.securityfocus.com/archive/1/452318/100/0/threaded
- http://www.securityfocus.com/archive/1/456711
- http://www.securityfocus.com/bid/21221
- http://www.vupen.com/english/advisories/2006/4654
- http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=101317
- http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34817
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30453
Products affected by CVE-2006-6076
-
cpe:2.3:a:broadcom:brightstor_arcserve_backup:-
-
cpe:2.3:a:broadcom:brightstor_arcserve_backup:10.5
-
cpe:2.3:a:broadcom:brightstor_arcserve_backup:11
-
cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.0
-
cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1
-
cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5
-
cpe:2.3:a:broadcom:brightstor_arcserve_backup:7.0
-
cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.0
-
cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.0.1
-
cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01
-
cpe:2.3:a:ca:brightstor_arcserve_backup:11
-
cpe:2.3:a:ca:brightstor_arcserve_backup:11.1
-
cpe:2.3:a:ca:brightstor_arcserve_backup_agent:11.0
-
cpe:2.3:a:ca:brightstor_arcserve_backup_agent:11.1