CA : Security Vulnerabilities, CVEs, Published In 2008 (Directory traversal) CVSS score >= 5
CVE-2008-4397
Public exploit
Directory traversal vulnerability in the RPC interface (asdbapi.dll) in CA ARCserve Backup (formerly BrightStor ARCserve Backup) r11.1 through r12.0 allows remote attackers to execute arbitrary commands via a .. (dot dot) in an RPC call with opnum 0x10A.
Max CVSS
10.0
EPSS Score
88.85%
Published
2008-10-14
Updated
2021-04-09
Directory traversal vulnerability in the UmxEventCli.CachedAuditDataList.1 (aka UmxEventCliLib) ActiveX control in UmxEventCli.dll in CA Internet Security Suite 2008 allows remote attackers to create and overwrite arbitrary files via a .. (dot dot) in the argument to the SaveToFile method. NOTE: this can be leveraged for code execution by writing to a Startup folder. NOTE: some of these details are obtained from third party information.
Max CVSS
9.3
EPSS Score
10.24%
Published
2008-06-02
Updated
2018-10-11
Directory traversal vulnerability in caloggerd in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allows remote attackers to append arbitrary data to arbitrary files via directory traversal sequences in unspecified input fields, which are used in log messages. NOTE: this can be leveraged for code execution in many installation environments by writing to a startup file or configuration file.
Max CVSS
10.0
EPSS Score
25.02%
Published
2008-05-21
Updated
2021-04-09
3 vulnerabilities found