Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5327

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2007-5327
Last Modified 07 Mar 2011 10:00:30
Published 12 Oct 2007 08:17:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-5327

Summary

Stack-based buffer overflow in the RPC interface for the Message Engine (mediasvr.exe) in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows remote attackers to execute arbitrary code via a long argument in the 0x10d opnum.

Vulnerable Systems

Application

  • Ca Brightstor Arcserve Backup 10.5

  • Ca Brightstor Arcserve Backup 11

  • Ca Brightstor Arcserve Backup 11.1

  • Ca Brightstor Arcserve Backup 11.5

  • Ca Brightstor Arcserve Backup 9.01

  • Ca Brightstor Enterprise Backup 10.5


References

CONFIRM - http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp

VUPEN - ADV-2007-3470

BUGTRAQ - 20071011 CA BrightStor ARCServe BackUp Message Engine Remote Stack Overflow Vulnerability

MISC - http://www.fortiguardcenter.com/advisory/FGA-2007-11.html

XF - ca-brightstor-messageengine-bo(37065)

XF - ca-brightstor-rpc-rpcx-bo(37064)

SECTRACK - 1018805

BID - 26015

BUGTRAQ - 20071011 [CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities

SREASON - 3218

SECUNIA - 27192

MISC - http://ruder.cdut.net/blogview.asp?logID=231


Last Updated: 27 May 2016 10:46:08