Vulnerability Description
Multiple buffer overflows in xdr functions in the server in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allow remote attackers to execute arbitrary code, as demonstrated by a stack-based buffer overflow via a long parameter to the xdr_rwsstring function.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Broadcom | Brightstor Arcserve Backup | 11.1 |
| Ca | Brightstor Arcserve Backup | 11.0 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/30300
- http://www.securityfocus.com/archive/1/492274/100/0/threaded
- http://www.securityfocus.com/archive/1/492291/100/0/threaded
- http://www.securityfocus.com/bid/29283Patch
- http://www.securitytracker.com/id?1020044
- http://www.vupen.com/english/advisories/2008/1573/references
- http://www.zerodayinitiative.com/advisories/ZDI-08-026/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42527
- https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=176798
- http://secunia.com/advisories/30300
- http://www.securityfocus.com/archive/1/492274/100/0/threaded
- http://www.securityfocus.com/archive/1/492291/100/0/threaded
- http://www.securityfocus.com/bid/29283Patch
- http://www.securitytracker.com/id?1020044
- http://www.vupen.com/english/advisories/2008/1573/references
FAQ
What is CVE-2008-2242?
CVE-2008-2242 is a vulnerability with a CVSS score of 7.5 (HIGH). Multiple buffer overflows in xdr functions in the server in CA BrightStor ARCServe Backup 11.0, 11.1, and 11.5 allow remote attackers to execute arbitrary code, as demonstrated by a stack-based buffer...
How severe is CVE-2008-2242?
CVE-2008-2242 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-2242?
Check the references section above for vendor advisories and patch information. Affected products include: Broadcom Brightstor Arcserve Backup, Ca Brightstor Arcserve Backup.