CVE-2006-5171
Brightstor ARCserve Backup 9.01-11.5 - Remote Code Execution via Crafted SUNRPC Packets
Title source: llmDescription
Stack-based buffer overflow in the RPC interface in Mediasvr.exe in Computer Associates (CA) Brightstor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Protection Suites r2 allows remote attackers to execute arbitrary code via crafted SUNRPC packets, aka the "Mediasvr.exe Overflow," a different vulnerability than CVE-2006-5172.
References (9)
Core 9
Core References
Patch, Vendor Advisory x_refsource_confirm
http://supportconnectw.ca.com/public/storage/infodocs/babimpsec-notice.asp
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/31319
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1017506
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/456711
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/0154
Patch, Vendor Advisory third-party-advisory
x_refsource_iss
http://www.iss.net/threats/252.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/22015
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/29343
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/23648
Scores
EPSS
0.2893
EPSS Percentile
96.6%
Details
Status
published
Products (4)
broadcom/brightstor_arcserve_backup
9.01
broadcom/brightstor_arcserve_backup
< 11.5
broadcom/brightstor_enterprise_backup
10.5
ca/protection_suites
r2
Published
Jan 16, 2007
Tracked Since
Feb 18, 2026