|
|
|||
| Rule General Information |
|---|
| Release Date: | 2013-08-27 | |
| Rule Name: | Computer Associates BrightStor ARCserve Backup Tape Engine RPC GetGroupStatus Buffer Overflow Vulnerability (CVE-2006-6917) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup R11.5 Server before SP2 allows remote attackers to execute arbitrary code in the Tape Engine (tapeeng.exe) via a crafted RPC request with (1) opnum 38, which is not properly handled in TAPEUTIL.dll 11.5.3884.0, or (2) opnum 37, which is not properly handled in TAPEENG.dll 11.5.3884.0. | |
| Impact: | Remote code execution | |
| Affected OS: | Windows | |
| Reference: | CVE-2006-6917 SecurityFocusBID:22006 CVE-2007-0168 |
|
| Solutions |
|---|
| Update vendor's patch. |