Vulnerability CVE-2008-3175


Published: 2008-08-01   Modified: 2012-02-12

Description:
Integer underflow in rxRPC.dll in the LGServer service in the server in CA ARCserve Backup for Laptops and Desktops 11.0 through 11.5 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted message that triggers a buffer overflow.

Type:

CWE-189

(Numeric Errors)

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
CA -> Arcserve backup for laptops and desktops 
CA -> Brightstor arcserve backup 
CA -> Desktop management suite 
CA -> Protection suites 

 References:
http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063594.html
http://www.securityfocus.com/archive/1/495020/100/0/threaded
http://www.securityfocus.com/bid/30472
http://www.securitytracker.com/id?1020590
http://www.vupen.com/english/advisories/2008/2286
https://exchange.xforce.ibmcloud.com/vulnerabilities/44137
https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=181721

Copyright 2020, cxsecurity.com

 

Back to Top