CVE-2005-1272

BrightStor ARCserve Backup Agent for SQL Server 11.0 - Buffer Overflow

Title source: llm

Description

Stack-based buffer overflow in the Backup Agent for Microsoft SQL Server in BrightStor ARCserve Backup Agent for SQL Server 11.0 allows remote attackers to execute arbitrary code via a long string sent to port (1) 6070 or (2) 6050.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/16403

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by cybertronic · cremotewindows

https://www.exploit-db.com/exploits/1130

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

by hdm · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/brightstor/sql_agent.rb

View Code ZIP pw:eip

References (5)

[Various Sources] http://www.idefense.com/application/poi/display?id=287&type=vulnerabilities&flashstatus=true

[Patch, Third Party Advisory, US Government Resource] http://www.kb.cert.org/vuls/id/279774

[Exploit, Patch] http://www.securityfocus.com/bid/14453

[Patch] http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33239

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/21656

Scores

EPSS 0.8095

EPSS Percentile 99.2%

Details

Status published

Products (12)

broadcom/brightstor_enterprise_backup 10.0

broadcom/brightstor_enterprise_backup 10.5

ca/brightstor_arcserve_backup 9.0.1

ca/brightstor_arcserve_backup 9.0_1

ca/brightstor_arcserve_backup 11.0 (2 CPE variants)

ca/brightstor_arcserve_backup 11.1 (2 CPE variants)

ca/brightstor_arcserve_backup_agent 9.0.1 (3 CPE variants)

ca/brightstor_arcserve_backup_agent 11

ca/brightstor_arcserve_backup_agent 11.0 (2 CPE variants)

ca/brightstor_arcserve_backup_agent 11.1 (3 CPE variants)

... and 2 more

Published Aug 05, 2005

Tracked Since Feb 18, 2026