CVE-2009-1761 - OpenCVE

The message engine in CA ARCserve Backup r12.0 and r12.0 SP1 for Windows allows remote attackers to cause a denial of service (crash) via (1) an invalid 0x13 message, which is not properly handled in the ASCORE module, or (2) a 0x3B message with invalid stub data that triggers an RPC marshalling error.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Ca	Arcserve Backup

Configuration 1 [-]

OR	cpe:2.3:a:ca:arcserve_backup:r12.0::windows:::::
	cpe:2.3:a:ca:arcserve_backup:r12.0:sp1:windows:::::*

No data.

References

Link	Providers
http://community.ca.com/blogs/casecurityresponseblog/archive/2009/06/15/ca20090615-01-ca-arcserve-backup-message-engine-denial-of-service-vulnerabilities.aspx
http://secunia.com/advisories/35473
http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=209502
http://www.ivizsecurity.com/security-advisory-iviz-sr-09003.html
http://www.ivizsecurity.com/security-advisory-iviz-sr-09004.html
http://www.securityfocus.com/archive/1/504348/100/0/threaded
http://www.securityfocus.com/archive/1/504349/100/0/threaded
http://www.securityfocus.com/bid/35396
http://www.securitytracker.com/id?1022405
http://www.vupen.com/english/advisories/2009/1608
https://exchange.xforce.ibmcloud.com/vulnerabilities/51169

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2009-06-16T23:00:00

Updated: 2024-08-07T05:27:53.650Z

Reserved: 2009-05-21T00:00:00

Link: CVE-2009-1761

Vulnrichment

No data.

NVD

Status : Modified

Published: 2009-06-16T23:30:00.250

Modified: 2018-10-10T19:38:15.817

Link: CVE-2009-1761

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-06-16T00:00:00", "descriptions": [{"lang": "en", "value": "The message engine in CA ARCserve Backup r12.0 and r12.0 SP1 for Windows allows remote attackers to cause a denial of service (crash) via (1) an invalid 0x13 message, which is not properly handled in the ASCORE module, or (2) a 0x3B message with invalid stub data that triggers an RPC marshalling error."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-10T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20090616 CA20090615-01: CA ARCserve Backup Message Engine Denial of Service Vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/504348/100/0/threaded"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=209502"}, {"tags": ["x_refsource_MISC"], "url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-09004.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/06/15/ca20090615-01-ca-arcserve-backup-message-engine-denial-of-service-vulnerabilities.aspx"}, {"name": "20090616 CA20090615-01: CA ARCserve Backup Message Engine Denial of Service Vulnerabilities (Updated)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/504349/100/0/threaded"}, {"name": "35473", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/35473"}, {"name": "35396", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/35396"}, {"tags": ["x_refsource_MISC"], "url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-09003.html"}, {"name": "ADV-2009-1608", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2009/1608"}, {"name": "ca-arcserve-ascore-dos(51169)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51169"}, {"name": "1022405", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1022405"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-1761", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The message engine in CA ARCserve Backup r12.0 and r12.0 SP1 for Windows allows remote attackers to cause a denial of service (crash) via (1) an invalid 0x13 message, which is not properly handled in the ASCORE module, or (2) a 0x3B message with invalid stub data that triggers an RPC marshalling error."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20090616 CA20090615-01: CA ARCserve Backup Message Engine Denial of Service Vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/504348/100/0/threaded"}, {"name": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=209502", "refsource": "CONFIRM", "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=209502"}, {"name": "http://www.ivizsecurity.com/security-advisory-iviz-sr-09004.html", "refsource": "MISC", "url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-09004.html"}, {"name": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/06/15/ca20090615-01-ca-arcserve-backup-message-engine-denial-of-service-vulnerabilities.aspx", "refsource": "CONFIRM", "url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/06/15/ca20090615-01-ca-arcserve-backup-message-engine-denial-of-service-vulnerabilities.aspx"}, {"name": "20090616 CA20090615-01: CA ARCserve Backup Message Engine Denial of Service Vulnerabilities (Updated)", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/504349/100/0/threaded"}, {"name": "35473", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/35473"}, {"name": "35396", "refsource": "BID", "url": "http://www.securityfocus.com/bid/35396"}, {"name": "http://www.ivizsecurity.com/security-advisory-iviz-sr-09003.html", "refsource": "MISC", "url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-09003.html"}, {"name": "ADV-2009-1608", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/1608"}, {"name": "ca-arcserve-ascore-dos(51169)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51169"}, {"name": "1022405", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1022405"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T05:27:53.650Z"}, "title": "CVE Program Container", "references": [{"name": "20090616 CA20090615-01: CA ARCserve Backup Message Engine Denial of Service Vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/504348/100/0/threaded"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=209502"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-09004.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/06/15/ca20090615-01-ca-arcserve-backup-message-engine-denial-of-service-vulnerabilities.aspx"}, {"name": "20090616 CA20090615-01: CA ARCserve Backup Message Engine Denial of Service Vulnerabilities (Updated)", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/504349/100/0/threaded"}, {"name": "35473", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/35473"}, {"name": "35396", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/35396"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-09003.html"}, {"name": "ADV-2009-1608", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2009/1608"}, {"name": "ca-arcserve-ascore-dos(51169)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51169"}, {"name": "1022405", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1022405"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-1761", "datePublished": "2009-06-16T23:00:00", "dateReserved": "2009-05-21T00:00:00", "dateUpdated": "2024-08-07T05:27:53.650Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ca:arcserve_backup:r12.0:*:windows:*:*:*:*:*", "matchCriteriaId": "B250F711-FE9E-4DC8-876B-5632976F1189", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:arcserve_backup:r12.0:sp1:windows:*:*:*:*:*", "matchCriteriaId": "C3A626B1-BA2E-4942-BAE4-574F830B2321", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The message engine in CA ARCserve Backup r12.0 and r12.0 SP1 for Windows allows remote attackers to cause a denial of service (crash) via (1) an invalid 0x13 message, which is not properly handled in the ASCORE module, or (2) a 0x3B message with invalid stub data that triggers an RPC marshalling error."}, {"lang": "es", "value": "El motor de mensajes en CA ARCserve Backup r12.0 y r12.0 SP1 para Windows permite a atacantes remotos producir una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de (1) un mensaje 0x13 invalido, el cual no es adecuadamente gestionado por el modulo ASCORE, o (2) un mensaje 0x3B con unos datos incompletos que inician un error RPC."}], "id": "CVE-2009-1761", "lastModified": "2018-10-10T19:38:15.817", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-06-16T23:30:00.250", "references": [{"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://community.ca.com/blogs/casecurityresponseblog/archive/2009/06/15/ca20090615-01-ca-arcserve-backup-message-engine-denial-of-service-vulnerabilities.aspx"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/35473"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=209502"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-09003.html"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.ivizsecurity.com/security-advisory-iviz-sr-09004.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/504348/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/504349/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/35396"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1022405"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2009/1608"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51169"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}