Description
The production release of the UniversalAgent for UNIX in BrightStor ARCserve Backup 11.1 contains hard-coded credentials, which allows remote attackers to access the file system and possibly execute arbitrary commands.
References (7)
Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/13706
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1013144
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/12522
Patch, Vendor Advisory x_refsource_confirm
http://supportconnect.ca.com/sc/solcenter/sol_detail.jsp?aparno=QO63672&os=UNIX&returninput=0
Exploit, Patch, Vendor Advisory third-party-advisory
x_refsource_idefense
http://www.idefense.com/application/poi/display?id=198&type=vulnerabilities
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/14233
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2005/0145
Scores
EPSS
0.0140
EPSS Percentile
80.7%
Details
Status
published
Products (1)
broadcom/brightstor_arcserve_backup
11.1
Published
May 02, 2005
Tracked Since
Feb 18, 2026