Vulnonym.org

CVE-2008-2242 - Unbloodied Buckets

Description

Multiple buffer overflows in xdr functions in the server in CA BrightStor ARCServe Backup 11.0 11.1 and 11.5 allow remote attackers to execute arbitrary code as demonstrated by a stack-based buffer overflow via a long parameter to the xdr_rwsstring function.

Reference

http://www.zerodayinitiative.com/advisories/ZDI-08-026/ https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798 http://www.securityfocus.com/bid/29283 http://secunia.com/advisories/30300 http://www.securitytracker.com/id?1020044 http://www.vupen.com/english/advisories/2008/1573/references https://exchange.xforce.ibmcloud.com/vulnerabilities/42527 http://www.securityfocus.com/archive/1/492291/100/0/threaded http://www.securityfocus.com/archive/1/492274/100/0/threaded