Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1979

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-1979
Last Modified 30 Oct 2012 10:56:24
Published 27 Apr 2008 04:05:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-1979

Summary

The Discovery Service (casdscvc) in CA ARCserve Backup 12.0.5454.0 and earlier allows remote attackers to cause a denial of service (crash) via a packet with a large integer value used in an increment to TCP port 41523, which triggers a buffer over-read.

Vulnerable Systems

Application

  • Ca Brightstor Arcserve Backup 12.0.5454.0


References

VUPEN - ADV-2008-1354

SECTRACK - 1020324

BID - 28927

BUGTRAQ - 20080618 CA ARCserve Backup Discovery Service Denial of Service Vulnerability

SECUNIA - 29855

MISC - http://aluigi.altervista.org/adv/carcbackazz-adv.txt

XF - ca-arcservebackup-casdscvc-dos(41869)


Last Updated: 27 May 2016 10:49:46