{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-11-21T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier allows remote attackers to execute arbitrary code via certain RPC requests to TCP port 6502."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-17T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "21221", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/21221"}, {"name": "20061122 RE: LS-20061113 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/452318/100/0/threaded"}, {"name": "cabrightstorarcserve-tapeeng-bo(30453)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30453"}, {"name": "24512", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24512"}, {"name": "20061122 LS-20061113 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050814.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34817"}, {"name": "20070111 [CAID 34955, 34956, 34957, 34958, 34959, 34817]: CA BrightStor ARCserve Backup Multiple Overflow Vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/456711"}, {"name": "1017268", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1017268"}, {"name": "23060", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/23060"}, {"name": "ADV-2006-4654", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/4654"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=101317"}, {"name": "20061121 LS-20061113 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050808.html"}, {"name": "20061121 LS-20061113 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/452222/100/0/threaded"}, {"name": "VU#437300", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/437300"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://supportconnectw.ca.com/public/storage/infodocs/babtapeng-securitynotice.asp"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-6076", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier allows remote attackers to execute arbitrary code via certain RPC requests to TCP port 6502."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "21221", "refsource": "BID", "url": "http://www.securityfocus.com/bid/21221"}, {"name": "20061122 RE: LS-20061113 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/452318/100/0/threaded"}, {"name": "cabrightstorarcserve-tapeeng-bo(30453)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30453"}, {"name": "24512", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24512"}, {"name": "20061122 LS-20061113 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050814.html"}, {"name": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34817", "refsource": "CONFIRM", "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34817"}, {"name": "20070111 [CAID 34955, 34956, 34957, 34958, 34959, 34817]: CA BrightStor ARCserve Backup Multiple Overflow Vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/456711"}, {"name": "1017268", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1017268"}, {"name": "23060", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/23060"}, {"name": "ADV-2006-4654", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/4654"}, {"name": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=101317", "refsource": "CONFIRM", "url": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=101317"}, {"name": "20061121 LS-20061113 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability", "refsource": "FULLDISC", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050808.html"}, {"name": "20061121 LS-20061113 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/452222/100/0/threaded"}, {"name": "VU#437300", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/437300"}, {"name": "http://supportconnectw.ca.com/public/storage/infodocs/babtapeng-securitynotice.asp", "refsource": "CONFIRM", "url": "http://supportconnectw.ca.com/public/storage/infodocs/babtapeng-securitynotice.asp"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T20:12:31.666Z"}, "title": "CVE Program Container", "references": [{"name": "21221", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/21221"}, {"name": "20061122 RE: LS-20061113 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/452318/100/0/threaded"}, {"name": "cabrightstorarcserve-tapeeng-bo(30453)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30453"}, {"name": "24512", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24512"}, {"name": "20061122 LS-20061113 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050814.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34817"}, {"name": "20070111 [CAID 34955, 34956, 34957, 34958, 34959, 34817]: CA BrightStor ARCserve Backup Multiple Overflow Vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/456711"}, {"name": "1017268", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1017268"}, {"name": "23060", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/23060"}, {"name": "ADV-2006-4654", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/4654"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=101317"}, {"name": "20061121 LS-20061113 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050808.html"}, {"name": "20061121 LS-20061113 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/452222/100/0/threaded"}, {"name": "VU#437300", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/437300"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://supportconnectw.ca.com/public/storage/infodocs/babtapeng-securitynotice.asp"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-6076", "datePublished": "2006-11-24T17:00:00", "dateReserved": "2006-11-24T00:00:00", "dateUpdated": "2024-08-07T20:12:31.666Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:*:*:*:*:*:*:*:*", "matchCriteriaId": "0A72E07D-2997-46CF-847F-899CB60FC771", "versionEndIncluding": "11.5", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*", "matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:sp1:*:*:*:*:*:*", "matchCriteriaId": "4305BA3B-B302-48EA-A923-EEC762DA42ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:*", "matchCriteriaId": "6E236148-4A57-4FDC-A072-A77D3DD2DB53", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:windows:*:*:*:*:*", "matchCriteriaId": "9E11A387-BF4A-4A54-8F29-37EFF14D72DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:brightstor_arcserve_backup_agent:11.0:*:sql:*:*:*:*:*", "matchCriteriaId": "E8D21407-0C60-4598-87D4-1386E4C20E0B", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:brightstor_arcserve_backup_agent:11.1:*:sql:*:*:*:*:*", "matchCriteriaId": "5C80D603-C650-465E-A9FD-34BA6E36335A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier allows remote attackers to execute arbitrary code via certain RPC requests to TCP port 6502."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer en Tape Engine (tapeeng.exe) en Computer Associates BrightStor ARCserve Backup 11.5 permite a un atacante remoto ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de ciertas RPC al puerto TCP 6502."}], "evaluatorSolution": "A denial-of-service condition may also result from exploit attempts.", "id": "CVE-2006-6076", "lastModified": "2024-11-21T00:21:42.297", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-11-24T17:07:00.000", "references": [{"source": "cve@mitre.org", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050808.html"}, {"source": "cve@mitre.org", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050814.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/23060"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/24512"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1017268"}, {"source": "cve@mitre.org", "url": "http://supportconnectw.ca.com/public/storage/infodocs/babtapeng-securitynotice.asp"}, {"source": "cve@mitre.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/437300"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/452222/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/452318/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/456711"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/21221"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2006/4654"}, {"source": "cve@mitre.org", "url": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=101317"}, {"source": "cve@mitre.org", "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34817"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30453"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050808.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050814.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/23060"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/24512"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1017268"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://supportconnectw.ca.com/public/storage/infodocs/babtapeng-securitynotice.asp"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/437300"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/452222/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/452318/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/456711"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/21221"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/4654"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=101317"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34817"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30453"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}