Remote Code Execution Vulnerability in BrightStor ARCserve Backup by Computer Associates
CVE-2005-0260

Currently unrated

Key Information:

Vendor

Broadcom
Status
Brightstor Arcserve Backup
Vendor
CVE Published:
2 May 2005

What is CVE-2005-0260?

A stack-based buffer overflow exists in the Discovery Service for BrightStor ARCserve Backup, allowing remote attackers to send specially crafted packets to UDP port 41524. When the service improperly handles these lengthy packets during the recvfrom call, it could potentially lead to arbitrary code execution on the affected system. This vulnerability emphasizes the need for consistent security practices, especially for services exposed to the network.

References

http://secunia.com/advisories/14183
third-party-advisoryx_refsource_SECUNIA
http://www.idefense.com/application/poi/display?id=194&ty...
third-party-advisoryx_refsource_IDEFENSE
http://supportconnectw.ca.com/public/enews/BrightStor/bri...
x_refsource_CONFIRM

EPSS Score

81% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2005-0260 : Remote Code Execution Vulnerability in BrightStor ARCserve Backup by Computer Associates