汇总 bakbone 相关全部产品的 CVE 与安全漏洞情报,包括 CVSS、EPSS、公开时间与漏洞情报数据。
历史漏洞主要涉及 缓冲区溢出与输入验证问题 等问题,部分漏洞可能导致 应用崩溃,并影响 生产负载与软件部署 相关场景。
相关漏洞数据主要来源于公开漏洞披露与安全公告,可用于评估历史漏洞暴露面与修复优先级。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2009-3448 | npvmgr.exe in BakBone NetVault Backup 8.22 Build 29 allows remote attackers to cause a denial of service (daemon crash) via a packet to (1) TCP or (2) UDP port 20031 with a large value in an unspecified size field, which is not properly handled in a malloc operation. NOTE: some of these details are obtained from third party information. | [email protected] | 5.0 | 1.72% | 2009-09-29 | 2026-06-16 |
| CVE-2007-3911 | Multiple heap-based buffer overflows in (1) clsscheduler.exe (aka scheduler client) and (2) srvscheduler.exe (aka scheduler server) in BakBone NetVault Reporter 3.5 before Update4 allow remote attackers to execute arbitrary code via long filename arguments in HTTP requests. | [email protected] | 10.0 | 6.83% | 2007-07-30 | 2026-06-16 |
| CVE-2007-3181 | Buffer overflow in fbserver.exe in Firebird SQL 2 before 2.0.1 allows remote attackers to execute arbitrary code via a large p_cnct_count value in a p_cnct structure in a connect (0x01) request to port 3050/tcp, related to "an InterBase version of gds32.dll." | [email protected] | 10.0 | 13.21% | 2007-06-12 | 2026-06-16 |
| CVE-2005-1547 | Heap-based buffer overflow in the demo version of Bakbone Netvault, and possibly other versions, allows remote attackers to execute arbitrary commands via a large packet to port 20031. | [email protected] | 7.5 | 3.00% | 2005-05-14 | 2026-06-16 |
| CVE-2005-1372 | nvstatsmngr.exe process in BakBone NetVault 7.1 does not properly drop privileges before opening files, which allows local users to gain privileges via the Help menu. | [email protected] | 4.6 | 1.00% | 2005-05-03 | 2026-06-16 |
| CVE-2005-1009 | Multiple buffer overflows in BakBone NetVault 6.x and 7.x allow (1) remote attackers to execute arbitrary code via a modified computer name and length that leads to a heap-based buffer overflow, or (2) local users to execute arbitrary code via a long Name entry in the configure.cfg file. | [email protected] | 10.0 | 57.02% | 2005-05-02 | 2026-06-16 |