BrightStor ARCserve Message Engine RPC server buffer overflow

Added: 11/09/2006
CVE: CVE-2006-5143
BID: 20365
OSVDB: 29535


The BrightStor ARCserve Backup family of products includes a Message Engine which listens for connections on port 6503/TCP.


A buffer overflow in the ASCORE.dll library allows remote attackers to execute arbitrary commands when a specially crafted request is processed by the Message Engine RPC server.


Apply the upgrade referenced in the Computer Associates Security Notice.



Exploit works on BrightStor ARCserve Backup 11.5. Due to the nature of the vulnerability, the success of this exploit may depend on the system state at the time the exploit is run.


Windows 2000 SP4
Windows 2000 SP4 / Windows 2000
Windows 2000 SP3

Back to exploit index