CVE-2005-1272

Scores

EPSS

EPSS Score: 0.783 (medium)

Percentile: 78.3%

CVSS

Severity: high (CVSS 2.0)

CVSS Score: 7.5/10

All CVSS Scores

CVSS 2.0
7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Description

Stack-based buffer overflow in the Backup Agent for Microsoft SQL Server in BrightStor ARCserve Backup Agent for SQL Server 11.0 allows remote attackers to execute arbitrary code via a long string sent to port (1) 6070 or (2) 6050.


Sources

nvd

Exploits

Exploit ID: 1130

Source: exploitdb

URL: https://www.exploit-db.com/exploits/1130

Exploit ID: 16403

Source: exploitdb

URL: https://www.exploit-db.com/exploits/16403

Recommendations

Source: nvd

Upgrade or patch: Upgrade or install patches, as recommended by the Computer Associates vulnerability 33239 description.

Restrict Access: You may wish to block access to the vulnerable software from outside your network perimeter, specifically by blocking access to the ports used by the Backup Agents (typically 6070/tcp). This will limit your exposure to attacks. However, blocking at the network perimeter would still allow attackers within the perimeter of your network to exploit the vulnerability. The use of host-based firewalls in addition to network-based firewalls can help restrict access to specific hosts within the network. It is important to understand your network’s configuration and service requirements before deciding what changes are appropriate.

URL: http://www.kb.cert.org/vuls/id/279774

Vulnerable Software (4)

Type: Configuration

Vendor: broadcom

Product: brightstor_enterprise_backup

Operating System: * * *

Trait:
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:broadcom:brightstor_...

Source: nvd

Type: Configuration

Vendor: ca

Product: brightstor_arcserve_backup

Operating System: * * *

Trait:
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:broadcom:brightstor_...

Source: nvd

Type: Configuration

Vendor: ca

Product: brightstor_arcserve_backup_agent

Operating System: * * *

Trait:
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:broadcom:brightstor_...

Source: nvd

Type: Configuration

Vendor: ca

Product: brightstor_enterprise_backup_agent

Operating System: * * *

Trait:
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.0:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:broadcom:brightstor_...

Source: nvd