CVE-2009-1761 - OpenCVE

The message engine in CA ARCserve Backup r12.0 and r12.0 SP1 for Windows allows remote attackers to cause a denial of service (crash) via (1) an invalid 0x13 message, which is not properly handled in the ASCORE module, or (2) a 0x3B message with invalid stub data that triggers an RPC marshalling error.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Ca	Arcserve Backup

Configuration 1 [-]

OR	cpe:2.3:a:ca:arcserve_backup:r12.0::windows:::::
	cpe:2.3:a:ca:arcserve_backup:r12.0:sp1:windows:::::*

References

Link	Resource
http://community.ca.com/blogs/casecurityresponseblog/archive/2009/06/15/ca20090615-01-ca-arcserve-backup-message-engine-denial-of-service-vulnerabilities.aspx	Patch
http://secunia.com/advisories/35473	Vendor Advisory
http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=209502	Patch Vendor Advisory
http://www.ivizsecurity.com/security-advisory-iviz-sr-09003.html	Exploit
http://www.ivizsecurity.com/security-advisory-iviz-sr-09004.html	Exploit
http://www.securityfocus.com/archive/1/504348/100/0/threaded
http://www.securityfocus.com/archive/1/504349/100/0/threaded
http://www.securityfocus.com/bid/35396
http://www.securitytracker.com/id?1022405
http://www.vupen.com/english/advisories/2009/1608
https://exchange.xforce.ibmcloud.com/vulnerabilities/51169

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2009-06-16T23:00:00

Updated: 2018-10-10T18:57:01

Reserved: 2009-05-21T00:00:00

Link: CVE-2009-1761

JSON object: View

NVD Information

Status : Modified

Published: 2009-06-16T23:30:00.250

Modified: 2018-10-10T19:38:15.817

Link: CVE-2009-1761

JSON object: View

Redhat Information

No data.

CWE

CWE-20

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-06-16T00:00:00", "descriptions": [{"lang": "en", "value": "The message engine in CA ARCserve Backup r12.0 and r12.0 SP1 for Windows allows remote attackers to cause a denial of service (crash) via (1) an invalid 0x13 message, which is not properly handled in the ASCORE module, or (2) a 0x3B message with invalid stub data that triggers an RPC marshalling error."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-10T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20090616 CA20090615-01: CA ARCserve Backup Message Engine Denial of Service Vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/504348/100/0/threaded"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=209502"}, {"tags": ["x_refsource_MISC"], "url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-09004.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/06/15/ca20090615-01-ca-arcserve-backup-message-engine-denial-of-service-vulnerabilities.aspx"}, {"name": "20090616 CA20090615-01: CA ARCserve Backup Message Engine Denial of Service Vulnerabilities (Updated)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/504349/100/0/threaded"}, {"name": "35473", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35473"}, {"name": "35396", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/35396"}, {"tags": ["x_refsource_MISC"], "url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-09003.html"}, {"name": "ADV-2009-1608", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2009/1608"}, {"name": "ca-arcserve-ascore-dos(51169)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51169"}, {"name": "1022405", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1022405"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-1761", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The message engine in CA ARCserve Backup r12.0 and r12.0 SP1 for Windows allows remote attackers to cause a denial of service (crash) via (1) an invalid 0x13 message, which is not properly handled in the ASCORE module, or (2) a 0x3B message with invalid stub data that triggers an RPC marshalling error."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20090616 CA20090615-01: CA ARCserve Backup Message Engine Denial of Service Vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/504348/100/0/threaded"}, {"name": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=209502", "refsource": "CONFIRM", "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=209502"}, {"name": "http://www.ivizsecurity.com/security-advisory-iviz-sr-09004.html", "refsource": "MISC", "url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-09004.html"}, {"name": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/06/15/ca20090615-01-ca-arcserve-backup-message-engine-denial-of-service-vulnerabilities.aspx", "refsource": "CONFIRM", "url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/06/15/ca20090615-01-ca-arcserve-backup-message-engine-denial-of-service-vulnerabilities.aspx"}, {"name": "20090616 CA20090615-01: CA ARCserve Backup Message Engine Denial of Service Vulnerabilities (Updated)", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/504349/100/0/threaded"}, {"name": "35473", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35473"}, {"name": "35396", "refsource": "BID", "url": "http://www.securityfocus.com/bid/35396"}, {"name": "http://www.ivizsecurity.com/security-advisory-iviz-sr-09003.html", "refsource": "MISC", "url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-09003.html"}, {"name": "ADV-2009-1608", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/1608"}, {"name": "ca-arcserve-ascore-dos(51169)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51169"}, {"name": "1022405", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1022405"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-1761", "datePublished": "2009-06-16T23:00:00", "dateReserved": "2009-05-21T00:00:00", "dateUpdated": "2018-10-10T18:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ca:arcserve_backup:r12.0:*:windows:*:*:*:*:*", "matchCriteriaId": "B250F711-FE9E-4DC8-876B-5632976F1189", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:arcserve_backup:r12.0:sp1:windows:*:*:*:*:*", "matchCriteriaId": "C3A626B1-BA2E-4942-BAE4-574F830B2321", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The message engine in CA ARCserve Backup r12.0 and r12.0 SP1 for Windows allows remote attackers to cause a denial of service (crash) via (1) an invalid 0x13 message, which is not properly handled in the ASCORE module, or (2) a 0x3B message with invalid stub data that triggers an RPC marshalling error."}, {"lang": "es", "value": "El motor de mensajes en CA ARCserve Backup r12.0 y r12.0 SP1 para Windows permite a atacantes remotos producir una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de (1) un mensaje 0x13 invalido, el cual no es adecuadamente gestionado por el modulo ASCORE, o (2) un mensaje 0x3B con unos datos incompletos que inician un error RPC."}], "id": "CVE-2009-1761", "lastModified": "2018-10-10T19:38:15.817", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-06-16T23:30:00.250", "references": [{"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/06/15/ca20090615-01-ca-arcserve-backup-message-engine-denial-of-service-vulnerabilities.aspx"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/35473"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=209502"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-09003.html"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-09004.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/504348/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/504349/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/35396"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1022405"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2009/1608"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51169"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}