CVE-2006-6917

high

Description

Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup R11.5 Server before SP2 allows remote attackers to execute arbitrary code in the Tape Engine (tapeeng.exe) via a crafted RPC request with (1) opnum 38, which is not properly handled in TAPEUTIL.dll 11.5.3884.0, or (2) opnum 37, which is not properly handled in TAPEENG.dll 11.5.3884.0.

References

https://www.exploit-db.com/exploits/3086

http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34959

http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97428

http://www.securityfocus.com/archive/1/456711

http://www.securityfocus.com/archive/1/456428/100/0/threaded

http://www.securityfocus.com/archive/1/454094/30/360/threaded

http://www.securityfocus.com/archive/1/454088/30/0/threaded

http://www.securityfocus.com/archive/1/453933/30/420/threaded

http://www.securityfocus.com/archive/1/453930/30/390/threaded

http://www.lssec.com/advisories/LS-20061001.pdf

http://www.lssec.com/advisories/LS-20060908.pdf

http://supportconnectw.ca.com/public/storage/infodocs/basbrtapeeng-secnotice.asp

Details

Source: Mitre, NVD

Published: 2006-12-31

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High