Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5084

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2007-5084
Last Modified 08 Sep 2011 12:00:00
Published 01 Oct 2007 04:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-5084

Summary

Multiple SQL injection vulnerabilities in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary SQL commands via CsAgent service commands with opcodes (1) 0x07, (2) 0x08, (3) 0x09, (4) 0x1E, (5) 0x32, (6) 0x36, (7) 0x40, and possibly others.

Vulnerable Systems

Application

  • Brightstor Hierarchical Storage Manager 11.5


References

CONFIRM - http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35692

CONFIRM - http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp

XF - ca-brightstor-csagent-sql-injection(36828)

VUPEN - ADV-2007-3275

BID - 25823

BUGTRAQ - 20070927 [CAID 35690, 35691, 35692]: CA BrightStor Hierarchical Storage Manager CsAgent Multiple Vulnerabilities

SECTRACK - 1018747

SECUNIA - 26914

MISC - http://dvlabs.tippingpoint.com/advisory/TPTI-07-17


Last Updated: 27 May 2016 10:46:04