Buffer overflow in the Discovery Service in BrightStor ARCserve Backup 9.0 through 11.1 allows remote attackers to execute arbitrary commands via a large packet to TCP port 41523, a different vulnerability than CVE-2005-0260.
Conclusion & alert: CVE-2005-2535 is rated High Exploit Risk (82.9/100): CVSS High severity, with high exploitation likelihood (EPSS 82.94%, 99th percentile). Core evidence: 3 public exploit reference(s) are indexed (Exploit-DB). EPSS rose +3.17% over the last day, indicating growing attacker interest. Mandatory action: Public exploits are available—assess exposure, apply mitigations, and prioritize patching.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
| EDB-ID | Source | Kind | Published | Link |
|---|---|---|---|---|
| 16408 | exploit_db | edb | 2010-04-30 | Exploit-DB ↗ |
| 815 | exploit_db | edb | 2005-02-12 | Exploit-DB ↗ |
| — | nvd_ref | exploit_tag | Exploit-DB ↗ |
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2025-07-26 | 79.77% | 82.94% | +3.17% |
| 2 | 2025-03-30 | 78.97% | 79.77% | +0.80% |
| 3 | 2025-03-29 | — | 78.97% | — |
Full EPSS history (11 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 7.5 | 2.0 | HIGH |
|
10.0 | 6.4 | [email protected] |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| broadcom | arcserve_backup_2000 | r16.5 | cpe:2.3:a:broadcom:arcserve_backup_2000:r16.5:*:windows:ja:*:*:*:* |
| broadcom | brightstor_arcserve_backup | 7.0 | cpe:2.3:a:broadcom:brightstor_arcserve_backup:7.0:*:linux:*:*:*:*:* |
| broadcom | brightstor_arcserve_backup | 9.0 | cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.0:*:linux:*:*:*:*:* |
| broadcom | brightstor_arcserve_backup | 9.0 | cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.0:*:linux:ja:*:*:*:* |
| broadcom | brightstor_arcserve_backup | 9.0 | cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.0:*:netware:*:*:*:*:* |
| broadcom | brightstor_arcserve_backup | 9.0.1 | cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.0.1:*:windows:*:*:*:*:* |
| broadcom | brightstor_arcserve_backup | 11.0 | cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.0:*:windows:*:*:*:*:* |
| broadcom | brightstor_arcserve_backup | 11.1 | cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:aix:*:*:*:*:* |
| broadcom | brightstor_arcserve_backup | 11.1 | cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:linux:*:*:*:*:* |
| broadcom | brightstor_arcserve_backup | 11.1 | cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:macintosh:*:*:*:*:* |
| broadcom | brightstor_arcserve_backup | 11.1 | cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:netware:*:*:*:*:* |
| broadcom | brightstor_arcserve_backup | 11.1 | cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:solaris:*:*:*:*:* |
| broadcom | brightstor_arcserve_backup | 11.1 | cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:tru64:*:*:*:*:* |
| broadcom | brightstor_arcserve_backup | 11.1 | cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:windows:*:*:*:*:* |
| broadcom | brightstor_arcserve_backup_hp | 11.1 | cpe:2.3:a:broadcom:brightstor_arcserve_backup_hp:11.1:*:hp:*:*:*:*:* |
| broadcom | brightstor_enterprise_backup | 10 | cpe:2.3:a:broadcom:brightstor_enterprise_backup:10:*:solaris:*:*:*:*:* |
| broadcom | brightstor_enterprise_backup | 10.0 | cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.0:*:*:*:*:*:*:* |
| broadcom | brightstor_enterprise_backup | 10.0 | cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.0:*:aix:*:*:*:*:* |
| broadcom | brightstor_enterprise_backup | 10.0 | cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.0:*:hpux:*:*:*:*:* |
| broadcom | brightstor_enterprise_backup | 10.0 | cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.0:*:mainframe_linux:*:*:*:*:* |
| broadcom | brightstor_enterprise_backup | 10.5 | cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:* |
| broadcom | brightstor_enterprise_backup | 10.5 | cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:aix:*:*:*:*:* |
| broadcom | brightstor_enterprise_backup | 10.5 | cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:hp:*:*:*:*:* |
| broadcom | brightstor_enterprise_backup | 10.5 | cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:solaris:*:*:*:*:* |
| broadcom | brightstor_enterprise_backup | 10.5 | cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:tru64:*:*:*:*:* |
| broadcom | brightstor_enterprise_backup | 10.5 | cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:windows:*:*:*:*:* |
| URL | Tags |
|---|---|
| http://archives.neohapsis.com/archives/bugtraq/2005-02/0123.html | Broken Link |
| http://archives.neohapsis.com/archives/bugtraq/2005-02/0141.html | Broken Link |
| http://archives.neohapsis.com/archives/bugtraq/2005-02/0201.html | Broken Link |
| http://secunia.com/advisories/14293 | Patch Vendor Advisory |
| http://www.kb.cert.org/vuls/id/966880 | Patch Third Party Advisory US Government Resource |
| http://www.osvdb.org/13814 | Broken Link |
| http://www.securityfocus.com/bid/12536 | Exploit Patch Third Party Advisory VDB Entry |
| http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?ID=32478 | Patch |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/19320 | Third Party Advisory VDB Entry |