CVE-1999-1049

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0240%

EPSS Percentile4.80th

PublishedFeb 21, 1999

Last ModifiedApr 16, 2026

Vulnerability Description

ARCserve NT agents use weak encryption (XOR) for passwords, which allows remote attackers to sniff the authentication request to port 6050 and decrypt the password.

Affected Platforms (CPE)

📦

Broadcom

Arcserve Backup

<= 6.5

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=91972006211238&w=2

Related Vulnerabilities

CVE-2001-096010.0

Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 stores the backup agent user name and password in cleartext in...

CVE-2005-026010.0

Stack-based buffer overflow in the Discovery Service for BrightStor ARCserve Backup 11.1 and earlier allows remote attackers to ex...

CVE-2006-607610.0

Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier ...

CVE-2005-169310.0

Integer overflow in Computer Associates Vet Antivirus library, as used by CA InoculateIT 6.0, eTrust Antivirus r6.0 through 7.1, e...