Vulnerability Details : CVE-2006-5143

Multiple buffer overflows in CA BrightStor ARCserve Backup r11.5 SP1 and earlier, r11.1, and 9.01; BrightStor ARCserve Backup for Windows r11; BrightStor Enterprise Backup 10.5; Server Protection Suite r2; and Business Protection Suite r2 allow remote attackers to execute arbitrary code via crafted data on TCP port 6071 to the Backup Agent RPC Server (DBASVR.exe) using the RPC routines with opcode (1) 0x01, (2) 0x02, or (3) 0x18; invalid stub data on TCP port 6503 to the RPC routines with opcode (4) 0x2b or (5) 0x2d in ASCORE.dll in the Message Engine RPC Server (msgeng.exe); (6) a long hostname on TCP port 41523 to ASBRDCST.DLL in the Discovery Service (casdscsvc.exe); or unspecified vectors related to the (7) Job Engine Service.
Publish Date : 2006-10-10 Last Update Date : 2018-10-17

Collapse All Expand All Select Select&Copy	Scroll To Vendor Statements(0) Additional Vendor Data(0) OVAL Definitions(0) Vulnerable Products(0) # Of Vulns By Products References(0) Metasploit Modules(0)	Comments View User Comments Add Comment	External Links Secunia Advisories XForce Advisories Vulnerability Details at NVD Vulnerability Details at Mitre Nessus Plugins Linux Kernel Git Repository First CVSS Guide
Search Twitter Search YouTube Search Google

- CVSS Scores & Vulnerability Types

CVSS Score	7.5
Confidentiality Impact	Partial (There is considerable informational disclosure.)
Integrity Impact	Partial (Modification of some system files or information is possible, but the attacker does not have control over what can be modified, or the scope of what the attacker can affect is limited.)
Availability Impact	Partial (There is reduced performance or interruptions in resource availability.)
Access Complexity	Low (Specialized access conditions or extenuating circumstances do not exist. Very little knowledge or skill is required to exploit. )
Authentication	Not required (Authentication is not required to exploit the vulnerability.)
Gained Access	User
Vulnerability Type(s)	Execute CodeOverflow
CWE ID	119

- Products Affected By CVE-2006-5143

#	Product Type	Vendor	Product	Version	Update	Edition
1	Application	CA	Brightstor Arcserve Backup	9.01			Version Details Vulnerabilities
2	Application	CA	Brightstor Arcserve Backup	11		Windows	Version Details Vulnerabilities
3	Application	CA	Brightstor Arcserve Backup	11.1			Version Details Vulnerabilities
4	Application	CA	Brightstor Arcserve Backup	11.5	SP1		Version Details Vulnerabilities
5	Application	CA	Brightstor Enterprise Backup	10.5			Version Details Vulnerabilities
6	Application	CA	Business Protection Suite	2.0			Version Details Vulnerabilities
7	Application	CA	Server Protection Suite	2			Version Details Vulnerabilities

- Number Of Affected Versions By Product

Vendor	Product	Vulnerable Versions
CA	Brightstor Arcserve Backup	4
CA	Brightstor Enterprise Backup	1
CA	Business Protection Suite	1
CA	Server Protection Suite	1

- References For CVE-2006-5143

http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34693 CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/29364
XF ca-dbasvr-rpc-bo(29364)

http://www3.ca.com/securityadvisor/blogs/posting.aspx?pid=94397&id=90744 CONFIRM

http://www3.ca.com/securityadvisor/blogs/posting.aspx?pid=93775&id=90744 CONFIRM

http://www.zerodayinitiative.com/advisories/ZDI-06-031.html

http://www.vupen.com/english/advisories/2006/3930
VUPEN ADV-2006-3930

http://www.zerodayinitiative.com/advisories/ZDI-06-030.html

http://www.tippingpoint.com/security/advisories/TSRT-06-11.html

http://www.securityfocus.com/bid/20365
BID 20365 Computer Associates Products Message Engine RPC Server Multiple Buffer Overflow Vulnerabilities Release Date:2008-09-08

http://www.securityfocus.com/archive/1/447930/100/200/threaded
BUGTRAQ 20061007 LS-20060313 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability

http://www.securityfocus.com/archive/1/447927/100/200/threaded
BUGTRAQ 20061007 LS-20060330 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability

http://www.securityfocus.com/archive/1/447926/100/200/threaded
BUGTRAQ 20061007 LS-20060220 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability

http://www.securityfocus.com/archive/1/447862/100/100/threaded
BUGTRAQ 20061005 TSRT-06-11: CA Multiple Product DBASVR RPC Server Multiple Buffer Overflow Vulnerabilities

http://www.securityfocus.com/archive/1/447847/100/200/threaded
BUGTRAQ 20061005 ZDI-06-030: CA Multiple Product Discovery Service Remote Buffer Overflow Vulnerability

http://www.securityfocus.com/archive/1/447848/100/100/threaded
BUGTRAQ 20061005 ZDI-06-031: CA Multiple Product Message Engine RPC Server Code Execution Vulnerability

http://www.kb.cert.org/vuls/id/860048
CERT-VN VU#860048

http://www.lssec.com/advisories/LS-20060220.pdf

http://supportconnectw.ca.com/public/storage/infodocs/basbr-secnotice.asp CONFIRM

http://www.securityfocus.com/archive/1/447839/100/100/threaded
BUGTRAQ 20061006 [CAID 34693, 34694]: CA BrightStor ARCserve Backup Multiple Buffer Overflow Vulnerabilities

http://www.lssec.com/advisories/LS-20060330.pdf

http://www.lssec.com/advisories/LS-20060313.pdf

http://www.kb.cert.org/vuls/id/361792
CERT-VN VU#361792

http://securitytracker.com/id?1017006
SECTRACK 1017006

http://securitytracker.com/id?1017005
SECTRACK 1017005

http://securitytracker.com/id?1017004
SECTRACK 1017004

http://securitytracker.com/id?1017003
SECTRACK 1017003

- Metasploit Modules Related To CVE-2006-5143

CA BrightStor ARCserve Message Engine Heap Overflow
This module exploits a heap overflow in Computer Associates BrightStor ARCserve Backup 11.5. By sending a specially crafted RPC request, an attacker could overflow the buffer and execute arbitrary code. Module type : exploit Rank : average Platforms : Windows