Arkiea nlservd allows remote attackers to conduct a denial of service.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| knox_software | arkeia | 4.0 |
| knox_software | arkeia | 4.1 |
Buffer overflow in (1) nlservd and (2) rnavc in Knox Software Arkeia backup product allows local users to obtain root access via a long HOME environmental variable.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| knox_software | arkeia | 4.0 |
Knox Arkeia server 4.2, and possibly other versions, installs its root user with a null password by default, which allows local and remote users to gain privileges.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| knox_software | arkeia | 4.2.8.2 |
| knox_software | arkeia | 4.2 |
Arkeia backup server 4.2.8-2 and earlier creates its database files with world-writable permissions, which could allow local users to overwrite the files or obtain sensitive information.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| knox_software | arkeia | * |
Stack-based buffer overflow in Knox Arkeia Server Backup 5.3.x allows remote attackers to execute arbitrary code via a long type 77 request.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| knox_software | arkeia_server_backup | 5.3.3 |
| knox_software | arkeia_server_backup | 5.3.1 |
| knox_software | arkeia_server_backup | 5.3.2 |
| knox_software | arkeia_server_backup | 5.3.0_rc4 |
| knox_software | arkeia_server_backup | 5.3.0_rc2 |
| knox_software | arkeia_server_backup | 5.3.0_rc3 |
| knox_software | arkeia_server_backup | 5.3.0_rc1 |
| knox_software | arkeia_server_backup | 5.3.0 |
| knox_software | arkeia_server_backup | 5.3.4 |