Vulnerability Details : CVE-2005-1272
Public exploit exists!
Stack-based buffer overflow in the Backup Agent for Microsoft SQL Server in BrightStor ARCserve Backup Agent for SQL Server 11.0 allows remote attackers to execute arbitrary code via a long string sent to port (1) 6070 or (2) 6050.
Vulnerability category: OverflowExecute code
Exploit prediction scoring system (EPSS) score for CVE-2005-1272
Probability of exploitation activity in the next 30 days: 97.19%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 100 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2005-1272
-
CA BrightStor Agent for Microsoft SQL Overflow
Disclosure Date: 2005-08-02First seen: 2020-04-26exploit/windows/brightstor/sql_agentThis module exploits a vulnerability in the CA BrightStor Agent for Microsoft SQL Server. This vulnerability was discovered by cybertronic[at]gmx.net. Authors: - hdm <x@hdm.io>
CVSS scores for CVE-2005-1272
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST |
References for CVE-2005-1272
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/21656
-
http://www.kb.cert.org/vuls/id/279774
Patch;Third Party Advisory;US Government Resource
-
http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33239
Patch
-
http://www.idefense.com/application/poi/display?id=287&type=vulnerabilities&flashstatus=true
-
http://www.securityfocus.com/bid/14453
Computer Associates BrightStor ARCserve Backup Remote Buffer Overflow VulnerabilityExploit;Patch
Products affected by CVE-2005-1272
- cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:windows:*:*:*:*:*
- cpe:2.3:a:ca:brightstor_arcserve_backup:9.0.1:*:windows:*:*:*:*:*
- cpe:2.3:a:ca:brightstor_arcserve_backup:9.0_1:*:oracle:*:*:*:*:*
- cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:oracle:*:*:*:*:*
- cpe:2.3:a:ca:brightstor_arcserve_backup:11.0:*:oracle:*:*:*:*:*
- cpe:2.3:a:ca:brightstor_arcserve_backup:11.0:*:windows:*:*:*:*:*
- cpe:2.3:a:ca:brightstor_arcserve_backup_agent:9.0.1:*:sap:*:*:*:*:*
- cpe:2.3:a:ca:brightstor_arcserve_backup_agent:9.0.1:*:sql:*:*:*:*:*
- cpe:2.3:a:ca:brightstor_arcserve_backup_agent:11:*:exchange:*:*:*:*:*
- cpe:2.3:a:ca:brightstor_arcserve_backup_agent:9.0.1:*:exchange:*:*:*:*:*
- cpe:2.3:a:ca:brightstor_arcserve_backup_agent:11.1:*:sap:*:*:*:*:*
- cpe:2.3:a:ca:brightstor_arcserve_backup_agent:11.1:*:sql:*:*:*:*:*
- cpe:2.3:a:ca:brightstor_arcserve_backup_agent:11.0:*:sap:*:*:*:*:*
- cpe:2.3:a:ca:brightstor_arcserve_backup_agent:11.0:*:sql:*:*:*:*:*
- cpe:2.3:a:ca:brightstor_arcserve_backup_agent:11.1:*:exchange:*:*:*:*:*
- cpe:2.3:a:ca:brightstor_enterprise_backup_agent:10.5:*:sap:*:*:*:*:*
- cpe:2.3:a:ca:brightstor_enterprise_backup_agent:10.5:*:sql:*:*:*:*:*
- cpe:2.3:a:ca:brightstor_enterprise_backup_agent:10.0:*:sql:*:*:*:*:*
- cpe:2.3:a:ca:brightstor_enterprise_backup_agent:10.5:*:oracle:*:*:*:*:*
- cpe:2.3:a:ca:brightstor_enterprise_backup_agent:10.0:*:oracle:*:*:*:*:*
- cpe:2.3:a:ca:brightstor_enterprise_backup_agent:10.0:*:sap:*:*:*:*:*
- cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.0:*:*:*:*:*:*:*
- cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*