CVE-2008-1979

The Discovery Service (casdscvc) in CA ARCserve Backup 12.0.5454.0 and earlier allows remote attackers to cause a denial of service (crash) via a packet with a large integer value used in an increment to TCP port 41523, which triggers a buffer over-read.

Published: Apr 27, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-1979
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

CWEs:

CWE-189

Affected Software
References

Software	From	Fixed in
broadcom / brightstor_arcserve_backup	-	12.0.5454.0.x

http://aluigi.altervista.org/adv/carcbackazz-adv.txt
http://secunia.com/advisories/29855
http://www.securityfocus.com/archive/1/493430/100/0/threaded
http://www.securityfocus.com/bid/28927
http://www.securitytracker.com/id?1020324
http://www.vupen.com/english/advisories/2008/1354
https://exchange.xforce.ibmcloud.com/vulnerabilities/41869

Vulnerability Database

289,599

CVE-2008-1979