CyberSec.Space Logo
Back to CVE Browser

CVE-2006-5171

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1020%
EPSS Percentile1.72th
PublishedJan 16, 2007
Last ModifiedApr 23, 2026

Vulnerability Description

Stack-based buffer overflow in the RPC interface in Mediasvr.exe in Computer Associates (CA) Brightstor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Protection Suites r2 allows remote attackers to execute arbitrary code via crafted SUNRPC packets, aka the "Mediasvr.exe Overflow," a different vulnerability than CVE-2006-5172.

Affected Platforms (CPE)

πŸ“¦
Broadcom

Brightstor Arcserve Backup

<= 11.5
πŸ“¦
Broadcom

Brightstor Arcserve Backup

= 9.01
πŸ“¦
Broadcom

Brightstor Enterprise Backup

= 10.5
πŸ“¦
Ca

Protection Suites

= r2

References & Advisories

πŸ”— http://osvdb.org/31319
πŸ”— http://secunia.com/advisories/23648
πŸ”— http://securitytracker.com/id?1017506
πŸ”— http://supportconnectw.ca.com/public/storage/infodocs/babimpsec-notice.asp
πŸ”— http://www.iss.net/threats/252.html
πŸ”— http://www.securityfocus.com/archive/1/456711
πŸ”— http://www.securityfocus.com/bid/22015
πŸ”— http://www.vupen.com/english/advisories/2007/0154

Related Vulnerabilities

CVE-2005-026010.0

Stack-based buffer overflow in the Discovery Service for BrightStor ARCserve Backup 11.1 and earlier allows remote attackers to ex...

CVE-2006-607610.0

Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier ...

CVE-2005-169310.0

Integer overflow in Computer Associates Vet Antivirus library, as used by CA InoculateIT 6.0, eTrust Antivirus r6.0 through 7.1, e...

CVE-2006-691710.0

Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup R11.5 Server before SP2 allows remote attackers t...