Denial of Service Vulnerability in CA ARCserve Backup
CVE-2008-1979

Currently unrated

Key Information:

Vendor

Broadcom
Status
Brightstor Arcserve Backup
Vendor
CVE Published:
27 April 2008

What is CVE-2008-1979?

CA ARCserve Backup 12.0.5454.0 and earlier contains a vulnerability in the Discovery Service (casdscvc) that allows remote attackers to induce a denial of service. By sending a carefully crafted packet with an excessively large integer value to TCP port 41523, an attacker can trigger a buffer over-read, leading to the service crashing. Organizations using affected versions should apply updates or configure network protections to mitigate this risk.

References

http://aluigi.altervista.org/adv/carcbackazz-adv.txt
x_refsource_MISC
http://www.securityfocus.com/archive/1/493430/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://secunia.com/advisories/29855
third-party-advisoryx_refsource_SECUNIA

EPSS Score

18% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2008-1979 : Denial of Service Vulnerability in CA ARCserve Backup