CVE

CVE-2006-6076

Date: (C)2006-11-24   (M)2023-12-22

Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier allows remote attackers to execute arbitrary code via certain RPC requests to TCP port 6502.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 10.0
Exploit Score: 10.0
Impact Score: 10.0
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE

Reference:

SECTRACK-1017268

http://www.securityfocus.com/archive/1/452222/100/0/threaded

http://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050814.html

http://www.securityfocus.com/archive/1/452318/100/0/threaded

20070111

http://www.securityfocus.com/archive/1/456711

BID-21221

SECUNIA-23060

SECUNIA-24512

ADV-2006-4654

IAVM:2007-T-0011

VU#437300

cabrightstorarcserve-tapeeng-bo(30453)

http://supportconnectw.ca.com/public/storage/infodocs/babtapeng-securitynotice.asp

http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=101317

http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34817