Remote Code Execution Vulnerability in BrightStor ARCserve Backup by Computer Associates
CVE-2005-0260

Currently unrated

Key Information:

Vendor: Broadcom
Status: Brightstor Arcserve Backup
Vendor: CVE Published:; 2 May 2005

What is CVE-2005-0260?

A stack-based buffer overflow exists in the Discovery Service for BrightStor ARCserve Backup, allowing remote attackers to send specially crafted packets to UDP port 41524. When the service improperly handles these lengthy packets during the recvfrom call, it could potentially lead to arbitrary code execution on the affected system. This vulnerability emphasizes the need for consistent security practices, especially for services exposed to the network.

References

http://secunia.com/advisories/14183

third-party-advisoryx_refsource_SECUNIA

http://www.idefense.com/application/poi/display?id=194&ty...

third-party-advisoryx_refsource_IDEFENSE

http://supportconnectw.ca.com/public/enews/BrightStor/bri...

x_refsource_CONFIRM

EPSS Score

81% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 2, 2005
Vulnerability Reserved
Feb 10, 2005

Broadcom

What is CVE-2005-0260?

References

EPSS Score

Timeline