CyberSec.Space Logo
Back to CVE Browser

CVE-2006-5143

HIGH
7.5
CVSS Severity Score
EPSS Score0.0780%
EPSS Percentile8.85th
PublishedOct 10, 2006
Last ModifiedApr 23, 2026

Vulnerability Description

Multiple buffer overflows in CA BrightStor ARCserve Backup r11.5 SP1 and earlier, r11.1, and 9.01; BrightStor ARCserve Backup for Windows r11; BrightStor Enterprise Backup 10.5; Server Protection Suite r2; and Business Protection Suite r2 allow remote attackers to execute arbitrary code via crafted data on TCP port 6071 to the Backup Agent RPC Server (DBASVR.exe) using the RPC routines with opcode (1) 0x01, (2) 0x02, or (3) 0x18; invalid stub data on TCP port 6503 to the RPC routines with opcode (4) 0x2b or (5) 0x2d in ASCORE.dll in the Message Engine RPC Server (msgeng.exe); (6) a long hostname on TCP port 41523 to ASBRDCST.DLL in the Discovery Service (casdscsvc.exe); or unspecified vectors related to the (7) Job Engine Service.

Affected Platforms (CPE)

πŸ“¦
Broadcom

Brightstor Arcserve Backup

<= 11.5
πŸ“¦
Broadcom

Brightstor Arcserve Backup

= 9.01
πŸ“¦
Broadcom

Brightstor Arcserve Backup

= 11.1
πŸ“¦
Broadcom

Brightstor Enterprise Backup

= 10.5
πŸ“¦
Broadcom

Business Protection Suite

= 2.0
πŸ“¦
Broadcom

Server Protection Suite

= 2
πŸ“¦
Ca

Brightstor Arcserve Backup

= 11

References & Advisories

πŸ”— http://secunia.com/advisories/22285
πŸ”— http://securitytracker.com/id?1017003
πŸ”— http://securitytracker.com/id?1017004
πŸ”— http://securitytracker.com/id?1017005
πŸ”— http://securitytracker.com/id?1017006
πŸ”— http://supportconnectw.ca.com/public/storage/infodocs/basbr-secnotice.asp
πŸ”— http://www.kb.cert.org/vuls/id/361792
πŸ”— http://www.kb.cert.org/vuls/id/860048

Related Vulnerabilities

CVE-2005-026010.0

Stack-based buffer overflow in the Discovery Service for BrightStor ARCserve Backup 11.1 and earlier allows remote attackers to ex...

CVE-2006-607610.0

Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier ...

CVE-2005-169310.0

Integer overflow in Computer Associates Vet Antivirus library, as used by CA InoculateIT 6.0, eTrust Antivirus r6.0 through 7.1, e...

CVE-2006-691710.0

Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup R11.5 Server before SP2 allows remote attackers t...