Detections
Analytics

CVE-2006-6076

critical

Description

Buffer overflow in the Tape Engine (tapeeng.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier allows remote attackers to execute arbitrary code via certain RPC requests to TCP port 6502.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/30453

http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=34817

http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=101317

http://www.vupen.com/english/advisories/2006/4654

http://www.securityfocus.com/bid/21221

http://www.securityfocus.com/archive/1/456711

http://www.securityfocus.com/archive/1/452318/100/0/threaded

http://www.securityfocus.com/archive/1/452222/100/0/threaded

http://www.kb.cert.org/vuls/id/437300

http://supportconnectw.ca.com/public/storage/infodocs/babtapeng-securitynotice.asp

http://securitytracker.com/id?1017268

http://secunia.com/advisories/24512

http://secunia.com/advisories/23060

http://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050814.html

http://lists.grok.org.uk/pipermail/full-disclosure/2006-November/050808.html

Details

Source: Mitre, NVD

Published: 2006-11-24

Updated: 2025-04-09

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.7398