返回 CVE 瀏覽器

CVE-2006-5172

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0820%

EPSS Percentile28.75th

Published2007年1月16日

Last Modified2026年4月23日

Vulnerability Description

Stack-based buffer overflow in the RPC interface in Mediasvr.exe in Computer Associates (CA) Brightstor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Protection Suites r2 allows remote attackers to execute arbitrary code via crafted SUNRPC packets, aka the "Mediasvr.exe String Handling Overflow," a different vulnerability than CVE-2006-5171.

Affected Platforms (CPE)

📦

Broadcom

Brightstor Arcserve Backup

<= 11.5

📦

Broadcom

Brightstor Arcserve Backup

= 9.01

📦

Broadcom

Brightstor Enterprise Backup

= 10.5

📦

Ca

Protection Suites

= r2

References & Advisories

🔗 http://osvdb.org/31320

🔗 http://secunia.com/advisories/23648

🔗 http://securitytracker.com/id?1017506

🔗 http://supportconnectw.ca.com/public/storage/infodocs/babimpsec-notice.asp

🔗 http://www.iss.net/threats/253.html

🔗 http://www.securityfocus.com/archive/1/456711

🔗 http://www.securityfocus.com/bid/22016

🔗 http://www.vupen.com/english/advisories/2007/0154

相關漏洞威脅

CVE-2005-026010.0

Stack-based buffer overflow in the Discovery Service for BrightStor ARCserve Backup 11.1 and earlier allows remote attackers to ex...

CVE-2006-607610.0

Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier ...

CVE-2005-169310.0

Integer overflow in Computer Associates Vet Antivirus library, as used by CA InoculateIT 6.0, eTrust Antivirus r6.0 through 7.1, e...

CVE-2006-691710.0

Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup R11.5 Server before SP2 allows remote attackers t...