{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"BrightStor ARCserve Backup v9.01 ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"BrightStor Enterprise Backup v10.0.","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"BrightStor Enterprise Backup v10.5 ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"BrightStor ARCserve Backup r11.0 ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}},{"description":"BrightStor ARCserve Backup r11.1 ;","product":{"name":"N/A","vendor":{"name":"N/A","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nUne vuln\u00e9rabilit\u00e9 de type d\u00e9bordement de m\u00e9moire a \u00e9t\u00e9 d\u00e9couverte dans\nles agents SQL, Oracle et SAP R/3 des produits BrightStor ARCserve\nBackup et BrightStor Enterprise Backup pour Windows. Un utilisateur mal\nintentionn\u00e9 peut, par le biais de paquets malicieusement construits\nenvoy\u00e9s au port 6070/tcp, ex\u00e9cuter du code arbitraire \u00e0 distance sur le\nserveur.\n\n## Solution\n\nAppliquer le correctif tel qu'indiqu\u00e9 dans le bulletin de s\u00e9curit\u00e9 33239\nde Computer Associates (voir section Documentation).\n","cves":[],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 33239 de Computer Associates du 02    ao\u00fbt 2005 :","url":"http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=33239"}],"reference":"CERTA-2005-AVI-293","revisions":[{"description":"version initiale.","revision_date":"2005-08-03T00:00:00.000000"}],"risks":[{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"}],"summary":"Une vuln\u00e9rabilit\u00e9 dans les agents de BrightStor ARCserve Backup et de\nBrightStor Enterprise Backup permet l'ex\u00e9cution de code arbitraire \u00e0\ndistance.\n","title":"Vuln\u00e9rabilit\u00e9 dans BrightStor ARCserve/Enterprise Backup","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 33239 de Computer Associates du 02 ao\u00fbt 2005","url":null}]}