Detections
Analytics

CA BrightStor ARCserve Backup Agent for Windows Long String Overflow

critical Nessus Plugin ID 19387

Language:

Synopsis

Arbitrary code can be executed on the remote host.

Description

This host is running BrightStor ARCServe MSSQL Agent.

The remote version of this software is susceptible to a buffer overflow attack.

An attacker, by sending a specially crafted packet, may be able to execute code on the remote host.

Solution

Apply the patch or upgrade to a newer version when available.

Note that for ARCServe 11.1, patch QO70767 (not working) has been replaced by patch QO71010.

See Also

https://www.kb.cert.org/vuls/id/279774/

Plugin Details

Severity: Critical

ID: 19387

File Name: arcserve_mssql_agent_overflow.nasl

Version: 1.20

Type: remote

Agent: windows

Family: Windows

Published: 8/5/2005

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.0

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: ARCSERVE/MSSQLAgent

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/2/2005

Vulnerability Publication Date: 8/2/2005

Exploitable With

Core Impact

Metasploit (CA BrightStor Agent for Microsoft SQL Overflow)

Reference Information

CVE: CVE-2005-1272

BID: 14453

CERT: 279774