All the vulnerabilites related to broadcom - desktop_management_suite
cve-2007-0673
Vulnerability from cvelistv5
Published
2007-02-03 01:00
Modified
2024-08-07 12:26
Severity ?
EPSS score ?
Summary
LGSERVER.EXE in BrightStor ARCserve Backup for Laptops & Desktops r11.1 allows remote attackers to cause a denial of service (daemon crash) via a value of 0xFFFFFFFF at a certain point in an authentication negotiation packet, which results in an out-of-bounds read.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/458650/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/22337 | vdb-entry, x_refsource_BID | |
| http://osvdb.org/32948 | vdb-entry, x_refsource_OSVDB | |
| http://securityreason.com/securityalert/2218 | third-party-advisory, x_refsource_SREASON | |
| http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:26:54.281Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070131 Remote DOS BrightStor ARCserve Backup for Laptops \u0026 Desktops",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/458650/100/0/threaded"
},
{
"name": "22337",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22337"
},
{
"name": "32948",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/32948"
},
{
"name": "2218",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2218"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "LGSERVER.EXE in BrightStor ARCserve Backup for Laptops \u0026 Desktops r11.1 allows remote attackers to cause a denial of service (daemon crash) via a value of 0xFFFFFFFF at a certain point in an authentication negotiation packet, which results in an out-of-bounds read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070131 Remote DOS BrightStor ARCserve Backup for Laptops \u0026 Desktops",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/458650/100/0/threaded"
},
{
"name": "22337",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22337"
},
{
"name": "32948",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/32948"
},
{
"name": "2218",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2218"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0673",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "LGSERVER.EXE in BrightStor ARCserve Backup for Laptops \u0026 Desktops r11.1 allows remote attackers to cause a denial of service (daemon crash) via a value of 0xFFFFFFFF at a certain point in an authentication negotiation packet, which results in an out-of-bounds read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070131 Remote DOS BrightStor ARCserve Backup for Laptops \u0026 Desktops",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/458650/100/0/threaded"
},
{
"name": "22337",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22337"
},
{
"name": "32948",
"refsource": "OSVDB",
"url": "http://osvdb.org/32948"
},
{
"name": "2218",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2218"
},
{
"name": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0673",
"datePublished": "2007-02-03T01:00:00",
"dateReserved": "2007-02-02T00:00:00",
"dateUpdated": "2024-08-07T12:26:54.281Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-5003
Vulnerability from cvelistv5
Published
2007-10-01 20:00
Modified
2024-08-07 15:17
Severity ?
EPSS score ?
Summary
Multiple stack-based buffer overflows in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allow remote attackers to execute arbitrary code via a long (1) username or (2) password to the rxrLogin command in rxRPC.dll, or a long (3) username argument to the GetUserInfo function.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/24348 | vdb-entry, x_refsource_BID | |
| http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35674 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/25606 | third-party-advisory, x_refsource_SECUNIA | |
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599 | third-party-advisory, x_refsource_IDEFENSE | |
| http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/archive/1/480252/100/100/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp | x_refsource_CONFIRM | |
| http://research.eeye.com/html/advisories/published/AD20070920.html | third-party-advisory, x_refsource_EEYE | |
| http://www.securitytracker.com/id?1018728 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:17:28.199Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24348",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24348"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35674"
},
{
"name": "25606",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25606"
},
{
"name": "20070920 CA ARCServe Backup for Laptops and Desktops Multiple Buffer Overflow Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"
},
{
"name": "20070921 [CAID 35673, 35674, 35675, 35676, 35677]: CA ARCserve Backup for Laptops and Desktops Multiple Server Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"
},
{
"name": "20070920 Multiple Vulnerabilities in CA ARCserve for Laptops \u0026 Desktops",
"tags": [
"third-party-advisory",
"x_refsource_EEYE",
"x_transferred"
],
"url": "http://research.eeye.com/html/advisories/published/AD20070920.html"
},
{
"name": "1018728",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018728"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allow remote attackers to execute arbitrary code via a long (1) username or (2) password to the rxrLogin command in rxRPC.dll, or a long (3) username argument to the GetUserInfo function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "24348",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24348"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35674"
},
{
"name": "25606",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25606"
},
{
"name": "20070920 CA ARCServe Backup for Laptops and Desktops Multiple Buffer Overflow Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"
},
{
"name": "20070921 [CAID 35673, 35674, 35675, 35676, 35677]: CA ARCserve Backup for Laptops and Desktops Multiple Server Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"
},
{
"name": "20070920 Multiple Vulnerabilities in CA ARCserve for Laptops \u0026 Desktops",
"tags": [
"third-party-advisory",
"x_refsource_EEYE"
],
"url": "http://research.eeye.com/html/advisories/published/AD20070920.html"
},
{
"name": "1018728",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018728"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5003",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allow remote attackers to execute arbitrary code via a long (1) username or (2) password to the rxrLogin command in rxRPC.dll, or a long (3) username argument to the GetUserInfo function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24348",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24348"
},
{
"name": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35674",
"refsource": "CONFIRM",
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35674"
},
{
"name": "25606",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25606"
},
{
"name": "20070920 CA ARCServe Backup for Laptops and Desktops Multiple Buffer Overflow Vulnerabilities",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599"
},
{
"name": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006",
"refsource": "CONFIRM",
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"
},
{
"name": "20070921 [CAID 35673, 35674, 35675, 35676, 35677]: CA ARCserve Backup for Laptops and Desktops Multiple Server Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"
},
{
"name": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"
},
{
"name": "20070920 Multiple Vulnerabilities in CA ARCserve for Laptops \u0026 Desktops",
"refsource": "EEYE",
"url": "http://research.eeye.com/html/advisories/published/AD20070920.html"
},
{
"name": "1018728",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018728"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5003",
"datePublished": "2007-10-01T20:00:00",
"dateReserved": "2007-09-20T00:00:00",
"dateUpdated": "2024-08-07T15:17:28.199Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-5004
Vulnerability from cvelistv5
Published
2007-10-01 20:00
Modified
2024-08-07 15:17
Severity ?
EPSS score ?
Summary
Integer overflow in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows remote attackers to execute arbitrary code via a long username and a certain "useless" password.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/24348 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/25606 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/archive/1/480252/100/100/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35675 | x_refsource_CONFIRM | |
| http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp | x_refsource_CONFIRM | |
| http://research.eeye.com/html/advisories/published/AD20070920.html | third-party-advisory, x_refsource_EEYE | |
| http://www.securitytracker.com/id?1018728 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:17:27.831Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24348",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24348"
},
{
"name": "25606",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25606"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"
},
{
"name": "20070921 [CAID 35673, 35674, 35675, 35676, 35677]: CA ARCserve Backup for Laptops and Desktops Multiple Server Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35675"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"
},
{
"name": "20070920 Multiple Vulnerabilities in CA ARCserve for Laptops \u0026 Desktops",
"tags": [
"third-party-advisory",
"x_refsource_EEYE",
"x_transferred"
],
"url": "http://research.eeye.com/html/advisories/published/AD20070920.html"
},
{
"name": "1018728",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018728"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows remote attackers to execute arbitrary code via a long username and a certain \"useless\" password."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "24348",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24348"
},
{
"name": "25606",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25606"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"
},
{
"name": "20070921 [CAID 35673, 35674, 35675, 35676, 35677]: CA ARCserve Backup for Laptops and Desktops Multiple Server Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35675"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"
},
{
"name": "20070920 Multiple Vulnerabilities in CA ARCserve for Laptops \u0026 Desktops",
"tags": [
"third-party-advisory",
"x_refsource_EEYE"
],
"url": "http://research.eeye.com/html/advisories/published/AD20070920.html"
},
{
"name": "1018728",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018728"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5004",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows remote attackers to execute arbitrary code via a long username and a certain \"useless\" password."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24348",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24348"
},
{
"name": "25606",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25606"
},
{
"name": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006",
"refsource": "CONFIRM",
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"
},
{
"name": "20070921 [CAID 35673, 35674, 35675, 35676, 35677]: CA ARCserve Backup for Laptops and Desktops Multiple Server Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"
},
{
"name": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35675",
"refsource": "CONFIRM",
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35675"
},
{
"name": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"
},
{
"name": "20070920 Multiple Vulnerabilities in CA ARCserve for Laptops \u0026 Desktops",
"refsource": "EEYE",
"url": "http://research.eeye.com/html/advisories/published/AD20070920.html"
},
{
"name": "1018728",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018728"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5004",
"datePublished": "2007-10-01T20:00:00",
"dateReserved": "2007-09-20T00:00:00",
"dateUpdated": "2024-08-07T15:17:27.831Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-1328
Vulnerability from cvelistv5
Published
2008-04-07 18:00
Modified
2024-08-07 08:17
Severity ?
EPSS score ?
Summary
Buffer overflow in the LGServer service in CA ARCserve Backup for Laptops and Desktops r11.0 through r11.5, and Suite 11.1 and 11.2, allows remote attackers to execute arbitrary code via unspecified "command arguments."
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=173105 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/41641 | vdb-entry, x_refsource_XF | |
| http://securityreason.com/securityalert/3800 | third-party-advisory, x_refsource_SREASON | |
| http://www.securityfocus.com/bid/28616 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/490463/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securitytracker.com/id?1019788 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2008/1104/references | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:17:34.193Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=173105"
},
{
"name": "ca-arcservebackup-lgserverservice-bo(41641)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41641"
},
{
"name": "3800",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3800"
},
{
"name": "28616",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28616"
},
{
"name": "20080404 CA ARCserve Backup for Laptops and Desktops Server and CA Desktop Management Suite Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/490463/100/0/threaded"
},
{
"name": "1019788",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019788"
},
{
"name": "ADV-2008-1104",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1104/references"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the LGServer service in CA ARCserve Backup for Laptops and Desktops r11.0 through r11.5, and Suite 11.1 and 11.2, allows remote attackers to execute arbitrary code via unspecified \"command arguments.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=173105"
},
{
"name": "ca-arcservebackup-lgserverservice-bo(41641)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41641"
},
{
"name": "3800",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3800"
},
{
"name": "28616",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28616"
},
{
"name": "20080404 CA ARCserve Backup for Laptops and Desktops Server and CA Desktop Management Suite Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/490463/100/0/threaded"
},
{
"name": "1019788",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019788"
},
{
"name": "ADV-2008-1104",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1104/references"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1328",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the LGServer service in CA ARCserve Backup for Laptops and Desktops r11.0 through r11.5, and Suite 11.1 and 11.2, allows remote attackers to execute arbitrary code via unspecified \"command arguments.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=173105",
"refsource": "CONFIRM",
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=173105"
},
{
"name": "ca-arcservebackup-lgserverservice-bo(41641)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41641"
},
{
"name": "3800",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3800"
},
{
"name": "28616",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28616"
},
{
"name": "20080404 CA ARCserve Backup for Laptops and Desktops Server and CA Desktop Management Suite Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490463/100/0/threaded"
},
{
"name": "1019788",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019788"
},
{
"name": "ADV-2008-1104",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1104/references"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1328",
"datePublished": "2008-04-07T18:00:00",
"dateReserved": "2008-03-13T00:00:00",
"dateUpdated": "2024-08-07T08:17:34.193Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-0449
Vulnerability from cvelistv5
Published
2007-01-23 21:00
Modified
2024-08-07 12:19
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in LGSERVER.EXE in CA BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.1 SP1, Mobile Backup r4.0, Desktop and Business Protection Suite r2, and Desktop Management Suite (DMS) r11.0 and r11.1 allow remote attackers to execute arbitrary code via crafted packets to TCP port (1) 1900 or (2) 2200.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:19:30.097Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22340",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22340"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97696"
},
{
"name": "31593",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/31593"
},
{
"name": "VU#611276",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/611276"
},
{
"name": "20070131 Remote Unauthenticated Code Execution II CA BrightStor ARCserve Backup for Laptops \u0026 Desktops",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/458648/100/0/threaded"
},
{
"name": "23897",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/23897"
},
{
"name": "20070131 Remote Unauthenticated Code Execution CA BrightStor ARCserve Backup",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/458644/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www3.ca.com/securityadvisor/vulninfo/Vuln.aspx?ID=34993"
},
{
"name": "ca-multiple-unspecified-bo(31704)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31704"
},
{
"name": "20070124 [CAID 34993]: CA BrightStor ARCserve Backup for Laptops and Desktops Multiple Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/457945/30/8460/threaded"
},
{
"name": "22199",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22199"
},
{
"name": "22342",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22342"
},
{
"name": "ADV-2007-0314",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0314"
},
{
"name": "VU#357308",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/357308"
},
{
"name": "1017548",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017548"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in LGSERVER.EXE in CA BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.1 SP1, Mobile Backup r4.0, Desktop and Business Protection Suite r2, and Desktop Management Suite (DMS) r11.0 and r11.1 allow remote attackers to execute arbitrary code via crafted packets to TCP port (1) 1900 or (2) 2200."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "22340",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22340"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97696"
},
{
"name": "31593",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/31593"
},
{
"name": "VU#611276",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/611276"
},
{
"name": "20070131 Remote Unauthenticated Code Execution II CA BrightStor ARCserve Backup for Laptops \u0026 Desktops",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/458648/100/0/threaded"
},
{
"name": "23897",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/23897"
},
{
"name": "20070131 Remote Unauthenticated Code Execution CA BrightStor ARCserve Backup",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/458644/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www3.ca.com/securityadvisor/vulninfo/Vuln.aspx?ID=34993"
},
{
"name": "ca-multiple-unspecified-bo(31704)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31704"
},
{
"name": "20070124 [CAID 34993]: CA BrightStor ARCserve Backup for Laptops and Desktops Multiple Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/457945/30/8460/threaded"
},
{
"name": "22199",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22199"
},
{
"name": "22342",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22342"
},
{
"name": "ADV-2007-0314",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0314"
},
{
"name": "VU#357308",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/357308"
},
{
"name": "1017548",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017548"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0449",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in LGSERVER.EXE in CA BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.1 SP1, Mobile Backup r4.0, Desktop and Business Protection Suite r2, and Desktop Management Suite (DMS) r11.0 and r11.1 allow remote attackers to execute arbitrary code via crafted packets to TCP port (1) 1900 or (2) 2200."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22340",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22340"
},
{
"name": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97696",
"refsource": "CONFIRM",
"url": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97696"
},
{
"name": "31593",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/31593"
},
{
"name": "VU#611276",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/611276"
},
{
"name": "20070131 Remote Unauthenticated Code Execution II CA BrightStor ARCserve Backup for Laptops \u0026 Desktops",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/458648/100/0/threaded"
},
{
"name": "23897",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/23897"
},
{
"name": "20070131 Remote Unauthenticated Code Execution CA BrightStor ARCserve Backup",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/458644/100/0/threaded"
},
{
"name": "http://www3.ca.com/securityadvisor/vulninfo/Vuln.aspx?ID=34993",
"refsource": "CONFIRM",
"url": "http://www3.ca.com/securityadvisor/vulninfo/Vuln.aspx?ID=34993"
},
{
"name": "ca-multiple-unspecified-bo(31704)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31704"
},
{
"name": "20070124 [CAID 34993]: CA BrightStor ARCserve Backup for Laptops and Desktops Multiple Overflow Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/457945/30/8460/threaded"
},
{
"name": "22199",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22199"
},
{
"name": "22342",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22342"
},
{
"name": "ADV-2007-0314",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0314"
},
{
"name": "VU#357308",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/357308"
},
{
"name": "1017548",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017548"
},
{
"name": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0449",
"datePublished": "2007-01-23T21:00:00",
"dateReserved": "2007-01-23T00:00:00",
"dateUpdated": "2024-08-07T12:19:30.097Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-0672
Vulnerability from cvelistv5
Published
2007-02-03 01:00
Modified
2024-08-07 12:26
Severity ?
EPSS score ?
Summary
LGSERVER.EXE in BrightStor Mobile Backup 4.0 allows remote attackers to cause a denial of service (disk consumption and daemon hang) via a value of 0xFFFFFF7F at a certain point in an authentication negotiation packet, which writes a large amount of data to a .USX file in CA_BABLDdata\Server\data\transfer\.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/458653/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securityfocus.com/bid/22339 | vdb-entry, x_refsource_BID | |
| http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:26:54.307Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070131 Remote Unauthenticated Resource Exhaustion CA Mobile BackupService",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/458653/100/0/threaded"
},
{
"name": "22339",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22339"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-01-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "LGSERVER.EXE in BrightStor Mobile Backup 4.0 allows remote attackers to cause a denial of service (disk consumption and daemon hang) via a value of 0xFFFFFF7F at a certain point in an authentication negotiation packet, which writes a large amount of data to a .USX file in CA_BABLDdata\\Server\\data\\transfer\\."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070131 Remote Unauthenticated Resource Exhaustion CA Mobile BackupService",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/458653/100/0/threaded"
},
{
"name": "22339",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22339"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-0672",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "LGSERVER.EXE in BrightStor Mobile Backup 4.0 allows remote attackers to cause a denial of service (disk consumption and daemon hang) via a value of 0xFFFFFF7F at a certain point in an authentication negotiation packet, which writes a large amount of data to a .USX file in CA_BABLDdata\\Server\\data\\transfer\\."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070131 Remote Unauthenticated Resource Exhaustion CA Mobile BackupService",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/458653/100/0/threaded"
},
{
"name": "22339",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22339"
},
{
"name": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-0672",
"datePublished": "2007-02-03T01:00:00",
"dateReserved": "2007-02-02T00:00:00",
"dateUpdated": "2024-08-07T12:26:54.307Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-3175
Vulnerability from cvelistv5
Published
2008-08-01 14:00
Modified
2024-08-07 09:28
Severity ?
EPSS score ?
Summary
Integer underflow in rxRPC.dll in the LGServer service in the server in CA ARCserve Backup for Laptops and Desktops 11.0 through 11.5 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted message that triggers a buffer overflow.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/31319 | third-party-advisory, x_refsource_SECUNIA | |
| http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063594.html | mailing-list, x_refsource_FULLDISC | |
| https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=181721 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/archive/1/495020/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.vupen.com/english/advisories/2008/2286 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/bid/30472 | vdb-entry, x_refsource_BID | |
| http://www.securitytracker.com/id?1020590 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/44137 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:28:41.661Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31319",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31319"
},
{
"name": "20080731 Assurent VR - CA ARCserve Backup for Laptops and Desktops LGServer Handshake Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063594.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=181721"
},
{
"name": "20080801 CA ARCserve Backup for Laptops and Desktops Server LGServer Service Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/495020/100/0/threaded"
},
{
"name": "ADV-2008-2286",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2286"
},
{
"name": "30472",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/30472"
},
{
"name": "1020590",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020590"
},
{
"name": "ca-abld-rxrpc-bo(44137)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44137"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-07-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer underflow in rxRPC.dll in the LGServer service in the server in CA ARCserve Backup for Laptops and Desktops 11.0 through 11.5 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted message that triggers a buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "31319",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31319"
},
{
"name": "20080731 Assurent VR - CA ARCserve Backup for Laptops and Desktops LGServer Handshake Buffer Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063594.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=181721"
},
{
"name": "20080801 CA ARCserve Backup for Laptops and Desktops Server LGServer Service Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/495020/100/0/threaded"
},
{
"name": "ADV-2008-2286",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2286"
},
{
"name": "30472",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/30472"
},
{
"name": "1020590",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020590"
},
{
"name": "ca-abld-rxrpc-bo(44137)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44137"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-3175",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer underflow in rxRPC.dll in the LGServer service in the server in CA ARCserve Backup for Laptops and Desktops 11.0 through 11.5 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted message that triggers a buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31319",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31319"
},
{
"name": "20080731 Assurent VR - CA ARCserve Backup for Laptops and Desktops LGServer Handshake Buffer Overflow",
"refsource": "FULLDISC",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063594.html"
},
{
"name": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=181721",
"refsource": "CONFIRM",
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=181721"
},
{
"name": "20080801 CA ARCserve Backup for Laptops and Desktops Server LGServer Service Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/495020/100/0/threaded"
},
{
"name": "ADV-2008-2286",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2286"
},
{
"name": "30472",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/30472"
},
{
"name": "1020590",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020590"
},
{
"name": "ca-abld-rxrpc-bo(44137)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44137"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-3175",
"datePublished": "2008-08-01T14:00:00",
"dateReserved": "2008-07-15T00:00:00",
"dateUpdated": "2024-08-07T09:28:41.661Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-1329
Vulnerability from cvelistv5
Published
2008-04-07 18:00
Modified
2024-08-07 08:17
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the NetBackup service in CA ARCserve Backup for Laptops and Desktops r11.0 through r11.5, and Suite 11.1 and 11.2, allows remote attackers to execute arbitrary commands, related to "insufficient verification of file uploads."
References
| ▼ | URL | Tags |
|---|---|---|
| https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=173105 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/41642 | vdb-entry, x_refsource_XF | |
| http://securityreason.com/securityalert/3800 | third-party-advisory, x_refsource_SREASON | |
| http://www.securityfocus.com/bid/28616 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/490463/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.securitytracker.com/id?1019788 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2008/1104/references | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:17:34.502Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=173105"
},
{
"name": "ca-arcserverbackup-netbackup-code-execution(41642)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41642"
},
{
"name": "3800",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3800"
},
{
"name": "28616",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/28616"
},
{
"name": "20080404 CA ARCserve Backup for Laptops and Desktops Server and CA Desktop Management Suite Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/490463/100/0/threaded"
},
{
"name": "1019788",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019788"
},
{
"name": "ADV-2008-1104",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1104/references"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-04-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the NetBackup service in CA ARCserve Backup for Laptops and Desktops r11.0 through r11.5, and Suite 11.1 and 11.2, allows remote attackers to execute arbitrary commands, related to \"insufficient verification of file uploads.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=173105"
},
{
"name": "ca-arcserverbackup-netbackup-code-execution(41642)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41642"
},
{
"name": "3800",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3800"
},
{
"name": "28616",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/28616"
},
{
"name": "20080404 CA ARCserve Backup for Laptops and Desktops Server and CA Desktop Management Suite Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/490463/100/0/threaded"
},
{
"name": "1019788",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019788"
},
{
"name": "ADV-2008-1104",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1104/references"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-1329",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the NetBackup service in CA ARCserve Backup for Laptops and Desktops r11.0 through r11.5, and Suite 11.1 and 11.2, allows remote attackers to execute arbitrary commands, related to \"insufficient verification of file uploads.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=173105",
"refsource": "CONFIRM",
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=173105"
},
{
"name": "ca-arcserverbackup-netbackup-code-execution(41642)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41642"
},
{
"name": "3800",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3800"
},
{
"name": "28616",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/28616"
},
{
"name": "20080404 CA ARCserve Backup for Laptops and Desktops Server and CA Desktop Management Suite Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/490463/100/0/threaded"
},
{
"name": "1019788",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019788"
},
{
"name": "ADV-2008-1104",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1104/references"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-1329",
"datePublished": "2008-04-07T18:00:00",
"dateReserved": "2008-03-13T00:00:00",
"dateUpdated": "2024-08-07T08:17:34.502Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-5006
Vulnerability from cvelistv5
Published
2007-10-01 20:00
Modified
2024-08-07 15:17
Severity ?
EPSS score ?
Summary
Multiple command handlers in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 do not verify if a peer is authenticated, which allows remote attackers to add and delete users, and start client restores.
References
| ▼ | URL | Tags |
|---|---|---|
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=598 | third-party-advisory, x_refsource_IDEFENSE | |
| http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35677 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/24348 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/25606 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/archive/1/480252/100/100/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp | x_refsource_CONFIRM | |
| http://www.securitytracker.com/id?1018728 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:17:27.899Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20070920 CA ARCserve Backup for Laptops and Desktops Authentication Bypass Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=598"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35677"
},
{
"name": "24348",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24348"
},
{
"name": "25606",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25606"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"
},
{
"name": "20070921 [CAID 35673, 35674, 35675, 35676, 35677]: CA ARCserve Backup for Laptops and Desktops Multiple Server Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"
},
{
"name": "1018728",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018728"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple command handlers in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 do not verify if a peer is authenticated, which allows remote attackers to add and delete users, and start client restores."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20070920 CA ARCserve Backup for Laptops and Desktops Authentication Bypass Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=598"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35677"
},
{
"name": "24348",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24348"
},
{
"name": "25606",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25606"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"
},
{
"name": "20070921 [CAID 35673, 35674, 35675, 35676, 35677]: CA ARCserve Backup for Laptops and Desktops Multiple Server Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"
},
{
"name": "1018728",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018728"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5006",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple command handlers in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 do not verify if a peer is authenticated, which allows remote attackers to add and delete users, and start client restores."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20070920 CA ARCserve Backup for Laptops and Desktops Authentication Bypass Vulnerability",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=598"
},
{
"name": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35677",
"refsource": "CONFIRM",
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35677"
},
{
"name": "24348",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24348"
},
{
"name": "25606",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25606"
},
{
"name": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006",
"refsource": "CONFIRM",
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"
},
{
"name": "20070921 [CAID 35673, 35674, 35675, 35676, 35677]: CA ARCserve Backup for Laptops and Desktops Multiple Server Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"
},
{
"name": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"
},
{
"name": "1018728",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018728"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5006",
"datePublished": "2007-10-01T20:00:00",
"dateReserved": "2007-09-20T00:00:00",
"dateUpdated": "2024-08-07T15:17:27.899Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-5005
Vulnerability from cvelistv5
Published
2007-10-01 20:00
Modified
2024-08-07 15:17
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in rxRPC.dll in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows remote attackers to upload and overwrite arbitrary files via a ..\ (dot dot backslash) sequence in the destination filename argument to sub-function 8 in the rxrReceiveFileFromServer command.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/24348 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/25606 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006 | x_refsource_CONFIRM | |
| http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35676 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/archive/1/480252/100/100/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp | x_refsource_CONFIRM | |
| http://research.eeye.com/html/advisories/published/AD20070920.html | third-party-advisory, x_refsource_EEYE | |
| http://www.securitytracker.com/id?1018728 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:17:27.860Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24348",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24348"
},
{
"name": "25606",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/25606"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35676"
},
{
"name": "20070921 [CAID 35673, 35674, 35675, 35676, 35677]: CA ARCserve Backup for Laptops and Desktops Multiple Server Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"
},
{
"name": "20070920 Multiple Vulnerabilities in CA ARCserve for Laptops \u0026 Desktops",
"tags": [
"third-party-advisory",
"x_refsource_EEYE",
"x_transferred"
],
"url": "http://research.eeye.com/html/advisories/published/AD20070920.html"
},
{
"name": "1018728",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018728"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in rxRPC.dll in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows remote attackers to upload and overwrite arbitrary files via a ..\\ (dot dot backslash) sequence in the destination filename argument to sub-function 8 in the rxrReceiveFileFromServer command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "24348",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24348"
},
{
"name": "25606",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/25606"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35676"
},
{
"name": "20070921 [CAID 35673, 35674, 35675, 35676, 35677]: CA ARCserve Backup for Laptops and Desktops Multiple Server Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"
},
{
"name": "20070920 Multiple Vulnerabilities in CA ARCserve for Laptops \u0026 Desktops",
"tags": [
"third-party-advisory",
"x_refsource_EEYE"
],
"url": "http://research.eeye.com/html/advisories/published/AD20070920.html"
},
{
"name": "1018728",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018728"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5005",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in rxRPC.dll in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows remote attackers to upload and overwrite arbitrary files via a ..\\ (dot dot backslash) sequence in the destination filename argument to sub-function 8 in the rxrReceiveFileFromServer command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24348",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24348"
},
{
"name": "25606",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/25606"
},
{
"name": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006",
"refsource": "CONFIRM",
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"
},
{
"name": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35676",
"refsource": "CONFIRM",
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35676"
},
{
"name": "20070921 [CAID 35673, 35674, 35675, 35676, 35677]: CA ARCserve Backup for Laptops and Desktops Multiple Server Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"
},
{
"name": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"
},
{
"name": "20070920 Multiple Vulnerabilities in CA ARCserve for Laptops \u0026 Desktops",
"refsource": "EEYE",
"url": "http://research.eeye.com/html/advisories/published/AD20070920.html"
},
{
"name": "1018728",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018728"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5005",
"datePublished": "2007-10-01T20:00:00",
"dateReserved": "2007-09-20T00:00:00",
"dateUpdated": "2024-08-07T15:17:27.860Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2007-10-01 20:17
Modified
2024-11-21 00:36
Severity ?
Summary
Integer overflow in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows remote attackers to execute arbitrary code via a long username and a certain "useless" password.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "261A513C-CBD4-4A1C-B58A-A9005774EC87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB993B2-9A44-40E2-AA05-0CAD04BDC26D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7461AE5-2067-4964-93B7-560CD02CEAC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "9DAE8E8B-7FD6-43CB-B07A-6D3B31E94DC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7B9C97C1-D295-4A84-B179-3FDF51DE1DD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:desktop_management_suite:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "237F2346-0B9B-4CE8-8EF9-813CB3F1BC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:desktop_management_suite:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22268F99-2F38-481D-A0CC-B1FC96FDB953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:desktop_management_suite:11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E6195AFF-0039-4F48-9E02-ACE8CF052EA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:protection_suites:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "47C10BA4-B241-4F65-8FA1-AD88266C03B0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows remote attackers to execute arbitrary code via a long username and a certain \"useless\" password."
},
{
"lang": "es",
"value": "Desbordamiento de entero en en pila en CA (Computer Associates) BrightStor ARCserve Backup para Port\u00e1til y Sobremesa r11.0 hasta r11.5 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un nombre de usuario largo y determinadas contrase\u00f1as \"sin uso\"."
}
],
"id": "CVE-2007-5004",
"lastModified": "2024-11-21T00:36:55.273",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-10-01T20:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://research.eeye.com/html/advisories/published/AD20070920.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25606"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35675"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/24348"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018728"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://research.eeye.com/html/advisories/published/AD20070920.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25606"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35675"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/24348"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018728"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-02-03 01:28
Modified
2024-11-21 00:26
Severity ?
Summary
LGSERVER.EXE in BrightStor Mobile Backup 4.0 allows remote attackers to cause a denial of service (disk consumption and daemon hang) via a value of 0xFFFFFF7F at a certain point in an authentication negotiation packet, which writes a large amount of data to a .USX file in CA_BABLDdata\Server\data\transfer\.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB993B2-9A44-40E2-AA05-0CAD04BDC26D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7461AE5-2067-4964-93B7-560CD02CEAC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "9DAE8E8B-7FD6-43CB-B07A-6D3B31E94DC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:business_protection_suite:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "328E1C42-488A-43FC-8DF2-758DC73B74AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:desktop_management_suite:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "237F2346-0B9B-4CE8-8EF9-813CB3F1BC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:desktop_management_suite:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22268F99-2F38-481D-A0CC-B1FC96FDB953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:desktop_protection_suite:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB698F99-FC87-4D59-9E01-3CE7A57FE0E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_sbs_premium:*:*:*:*:*",
"matchCriteriaId": "2429EE00-5359-4C47-A634-8DBC57253266",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_sbs_standard:*:*:*:*:*",
"matchCriteriaId": "F33EE596-0901-4A13-BAA1-1A7C7C16AD27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "LGSERVER.EXE in BrightStor Mobile Backup 4.0 allows remote attackers to cause a denial of service (disk consumption and daemon hang) via a value of 0xFFFFFF7F at a certain point in an authentication negotiation packet, which writes a large amount of data to a .USX file in CA_BABLDdata\\Server\\data\\transfer\\."
},
{
"lang": "es",
"value": "LGSERVER.EXE de BrightStor Mobile Backup 4.0 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (agotamiento de disco y colapso de demonio) mediante un valor 0xFFFFFF7F en un punto concreto en un paquete de negociaci\u00f3n de autenticaci\u00f3n, que escribe una cantidad grade de datos a un fichero . USX en CA_BABLDdata\\Server\\data\\transfer\\."
}
],
"id": "CVE-2007-0672",
"lastModified": "2024-11-21T00:26:27.470",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-02-03T01:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/458653/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/22339"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/458653/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/22339"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-02-03 01:28
Modified
2024-11-21 00:26
Severity ?
Summary
LGSERVER.EXE in BrightStor ARCserve Backup for Laptops & Desktops r11.1 allows remote attackers to cause a denial of service (daemon crash) via a value of 0xFFFFFFFF at a certain point in an authentication negotiation packet, which results in an out-of-bounds read.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB993B2-9A44-40E2-AA05-0CAD04BDC26D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7461AE5-2067-4964-93B7-560CD02CEAC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "9DAE8E8B-7FD6-43CB-B07A-6D3B31E94DC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:business_protection_suite:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "328E1C42-488A-43FC-8DF2-758DC73B74AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:desktop_management_suite:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "237F2346-0B9B-4CE8-8EF9-813CB3F1BC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:desktop_management_suite:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22268F99-2F38-481D-A0CC-B1FC96FDB953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:desktop_protection_suite:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB698F99-FC87-4D59-9E01-3CE7A57FE0E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_sbs_premium:*:*:*:*:*",
"matchCriteriaId": "2429EE00-5359-4C47-A634-8DBC57253266",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_sbs_standard:*:*:*:*:*",
"matchCriteriaId": "F33EE596-0901-4A13-BAA1-1A7C7C16AD27",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "LGSERVER.EXE in BrightStor ARCserve Backup for Laptops \u0026 Desktops r11.1 allows remote attackers to cause a denial of service (daemon crash) via a value of 0xFFFFFFFF at a certain point in an authentication negotiation packet, which results in an out-of-bounds read."
},
{
"lang": "es",
"value": "El archivo LGSERVER.EXE en BrightStor ARCserve Backup para Ordenadores Port\u00e1tiles y de Escritorio versi\u00f3n r11.1 permite a los atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo del demonio) por medio de un valor de 0xFFFFFFFF en un determinado punto en un paquete de negociaci\u00f3n de autenticaci\u00f3n, resultando en una lectura fuera de l\u00edmites."
}
],
"id": "CVE-2007-0673",
"lastModified": "2024-11-21T00:26:27.607",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-02-03T01:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/32948"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/2218"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/458650/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/22337"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/32948"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2218"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/458650/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/22337"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-08-01 14:41
Modified
2024-11-21 00:48
Severity ?
Summary
Integer underflow in rxRPC.dll in the LGServer service in the server in CA ARCserve Backup for Laptops and Desktops 11.0 through 11.5 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted message that triggers a buffer overflow.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| broadcom | brightstor_arcserve_backup | 11.1 | |
| broadcom | brightstor_arcserve_backup | 11.5 | |
| broadcom | desktop_management_suite | 11.1 | |
| broadcom | desktop_management_suite | 11.2 | |
| ca | arcserve_backup_for_laptops_and_desktops | 11.0 | |
| ca | arcserve_backup_for_laptops_and_desktops | 11.1 | |
| ca | arcserve_backup_for_laptops_and_desktops | 11.1 | |
| ca | arcserve_backup_for_laptops_and_desktops | 11.1 | |
| ca | arcserve_backup_for_laptops_and_desktops | 11.5 | |
| ca | brightstor_arcserve_backup | 11.0 | |
| ca | brightstor_arcserve_backup | 11.1 | |
| ca | brightstor_arcserve_backup | 11.1 | |
| ca | protection_suites | 2 | |
| ca | protection_suites | 3.0 | |
| ca | protection_suites | 3.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E37161BE-6AF5-40E0-BD63-2C17431D8B36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "477EE032-D183-478F-A2BF-6165277A7414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:desktop_management_suite:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22268F99-2F38-481D-A0CC-B1FC96FDB953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:desktop_management_suite:11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E6195AFF-0039-4F48-9E02-ACE8CF052EA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:arcserve_backup_for_laptops_and_desktops:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C6198653-D0D8-48D4-B2DB-58F92F621DA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:arcserve_backup_for_laptops_and_desktops:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F3B81CE4-F767-4A34-BE39-EEC3DBBF206A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:arcserve_backup_for_laptops_and_desktops:11.1:*:sp1:*:*:*:*:*",
"matchCriteriaId": "25BB7845-980B-4085-B07B-CC1AB814B53F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:arcserve_backup_for_laptops_and_desktops:11.1:*:sp2:*:*:*:*:*",
"matchCriteriaId": "EE545056-0DFB-4947-B530-F551940DBE5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:arcserve_backup_for_laptops_and_desktops:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0B98A90C-AAA9-44DE-9289-D4E33397B62F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:brightstor_arcserve_backup:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9190C236-0BBF-47CF-94F5-F2408D33C5CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:sp1:*:*:*:*:*",
"matchCriteriaId": "7D0498FD-4246-427A-8E70-24948EE3A6ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:brightstor_arcserve_backup:11.1:*:sp2:*:*:*:*:*",
"matchCriteriaId": "F887250D-D323-4ED7-AA96-829BAC6BB2D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:protection_suites:2:*:*:*:*:*:*:*",
"matchCriteriaId": "533C42DE-8FEA-443A-B250-4CD44A1CFAAC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:protection_suites:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D92D9D51-EBF8-45A2-A315-42DE5768DB6E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:protection_suites:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6D020DF6-2016-4901-AC33-FA56C277957C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer underflow in rxRPC.dll in the LGServer service in the server in CA ARCserve Backup for Laptops and Desktops 11.0 through 11.5 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted message that triggers a buffer overflow."
},
{
"lang": "es",
"value": "Subdesbordamiento de enteros en la biblioteca rxRPC.dll en el servicio LGServer en el servidor en CA ARCserve Backup versiones 11.0 hasta 11.5 para ordenadores Port\u00e1tiles y Escritorios, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio por medio de un mensaje dise\u00f1ado que desencadena un desbordamiento de b\u00fafer."
}
],
"id": "CVE-2008-3175",
"lastModified": "2024-11-21T00:48:37.723",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-08-01T14:41:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063594.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31319"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/495020/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/30472"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1020590"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2286"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44137"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=181721"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-July/063594.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31319"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/495020/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/30472"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1020590"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/2286"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=181721"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-189"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-04-07 18:44
Modified
2024-11-21 00:44
Severity ?
Summary
Buffer overflow in the LGServer service in CA ARCserve Backup for Laptops and Desktops r11.0 through r11.5, and Suite 11.1 and 11.2, allows remote attackers to execute arbitrary code via unspecified "command arguments."
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:desktop_management_suite:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22268F99-2F38-481D-A0CC-B1FC96FDB953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:computer_associates:arcserve_backup_laptops_and_desktops:r11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F0C2CF0-C4FA-45EA-8CE7-A6F26E74A82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:computer_associates:arcserve_backup_laptops_and_desktops:r11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6FA31980-E04A-4C5C-AD81-BBD2DC925B1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:computer_associates:arcserve_backup_laptops_and_desktops:r11.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "D8FDE4F2-A3E1-4DE3-8800-8E6D58116134",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:computer_associates:arcserve_backup_laptops_and_desktops:r11.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "F14BBE21-4FB8-4E25-9437-DC215AE7C208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:computer_associates:arcserve_backup_laptops_and_desktops:r11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "06109720-7926-4FC2-929B-0F16B1831739",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:computer_associates:desktop_management_suite:11.2:*:english:*:*:*:*:*",
"matchCriteriaId": "815D1724-8E39-4941-A546-16B15E3C51E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:computer_associates:desktop_management_suite:11.2:*:localized:*:*:*:*:*",
"matchCriteriaId": "BC2D63FF-149F-4F7A-9842-52E56818462A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the LGServer service in CA ARCserve Backup for Laptops and Desktops r11.0 through r11.5, and Suite 11.1 and 11.2, allows remote attackers to execute arbitrary code via unspecified \"command arguments.\""
},
{
"lang": "es",
"value": "Desbordamiento de B\u00fafer del Servicio LGServer de CA ARCserve Backup for Laptops and Desktops versiones de la r11.0 a la r11.5 y Suite 11.1 and 11.2, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de argumentos de comando no especificados."
}
],
"id": "CVE-2008-1328",
"lastModified": "2024-11-21T00:44:16.853",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-04-07T18:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3800"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/490463/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/28616"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019788"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/1104/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41641"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=173105"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3800"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/490463/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28616"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019788"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1104/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41641"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=173105"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-10-01 20:17
Modified
2024-11-21 00:36
Severity ?
Summary
Directory traversal vulnerability in rxRPC.dll in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows remote attackers to upload and overwrite arbitrary files via a ..\ (dot dot backslash) sequence in the destination filename argument to sub-function 8 in the rxrReceiveFileFromServer command.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "261A513C-CBD4-4A1C-B58A-A9005774EC87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB993B2-9A44-40E2-AA05-0CAD04BDC26D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7461AE5-2067-4964-93B7-560CD02CEAC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "9DAE8E8B-7FD6-43CB-B07A-6D3B31E94DC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7B9C97C1-D295-4A84-B179-3FDF51DE1DD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:desktop_management_suite:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "237F2346-0B9B-4CE8-8EF9-813CB3F1BC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:desktop_management_suite:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22268F99-2F38-481D-A0CC-B1FC96FDB953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:desktop_management_suite:11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E6195AFF-0039-4F48-9E02-ACE8CF052EA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:protection_suites:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "47C10BA4-B241-4F65-8FA1-AD88266C03B0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in rxRPC.dll in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows remote attackers to upload and overwrite arbitrary files via a ..\\ (dot dot backslash) sequence in the destination filename argument to sub-function 8 in the rxrReceiveFileFromServer command."
},
{
"lang": "es",
"value": "Vulnerabilidad de salto de directorio en rxRPC.dll de CA (Computer Associates) BrightStor ARCserve Backup para Port\u00e1til y Sobremesa r11.0 hasta r11.5 permite a atacantes remotos subir y sobrescribir ficheros de su elecci\u00f3n mediante una secuencia ..\\ (punto punto barra invertida) en el argumento fichero destino en la sub-funci\u00f3n 8 en el comando rxrReceiveFileFromServer."
}
],
"id": "CVE-2007-5005",
"lastModified": "2024-11-21T00:36:55.427",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-10-01T20:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://research.eeye.com/html/advisories/published/AD20070920.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25606"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35676"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/24348"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018728"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://research.eeye.com/html/advisories/published/AD20070920.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25606"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35676"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/24348"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018728"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-10-01 20:17
Modified
2024-11-21 00:36
Severity ?
Summary
Multiple command handlers in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 do not verify if a peer is authenticated, which allows remote attackers to add and delete users, and start client restores.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "261A513C-CBD4-4A1C-B58A-A9005774EC87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB993B2-9A44-40E2-AA05-0CAD04BDC26D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7461AE5-2067-4964-93B7-560CD02CEAC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "9DAE8E8B-7FD6-43CB-B07A-6D3B31E94DC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7B9C97C1-D295-4A84-B179-3FDF51DE1DD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:desktop_management_suite:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "237F2346-0B9B-4CE8-8EF9-813CB3F1BC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:desktop_management_suite:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22268F99-2F38-481D-A0CC-B1FC96FDB953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:desktop_management_suite:11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E6195AFF-0039-4F48-9E02-ACE8CF052EA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:protection_suites:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "47C10BA4-B241-4F65-8FA1-AD88266C03B0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple command handlers in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 do not verify if a peer is authenticated, which allows remote attackers to add and delete users, and start client restores."
},
{
"lang": "es",
"value": "M\u00faltiples gestores de comandos de CA (Computer Associates) BrightStor ARCserve Backup para Port\u00e1til y Sobremesa r11.0 hasta r11.5 no verifican si un par est\u00e1 autenticado, lo cual permite a atacantes remotos a\u00f1adir y borrar usuarios, e inicializar recuperaciones de cliente."
}
],
"id": "CVE-2007-5006",
"lastModified": "2024-11-21T00:36:55.573",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-10-01T20:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=598"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25606"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35677"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/24348"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018728"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=598"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25606"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35677"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/24348"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018728"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-01-23 21:28
Modified
2024-11-21 00:25
Severity ?
Summary
Multiple buffer overflows in LGSERVER.EXE in CA BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.1 SP1, Mobile Backup r4.0, Desktop and Business Protection Suite r2, and Desktop Management Suite (DMS) r11.0 and r11.1 allow remote attackers to execute arbitrary code via crafted packets to TCP port (1) 1900 or (2) 2200.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB993B2-9A44-40E2-AA05-0CAD04BDC26D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7461AE5-2067-4964-93B7-560CD02CEAC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "9DAE8E8B-7FD6-43CB-B07A-6D3B31E94DC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_mobile_backup:r4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D9448EC1-7527-4CF9-85FC-26F61714E4B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:business_protection_suite:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "328E1C42-488A-43FC-8DF2-758DC73B74AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:desktop_management_suite:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "237F2346-0B9B-4CE8-8EF9-813CB3F1BC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:desktop_management_suite:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22268F99-2F38-481D-A0CC-B1FC96FDB953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:desktop_protection_suite:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DB698F99-FC87-4D59-9E01-3CE7A57FE0E4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in LGSERVER.EXE in CA BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.1 SP1, Mobile Backup r4.0, Desktop and Business Protection Suite r2, and Desktop Management Suite (DMS) r11.0 and r11.1 allow remote attackers to execute arbitrary code via crafted packets to TCP port (1) 1900 or (2) 2200."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en el archivo LGSERVER.EXE en CA BrightStor ARCserve Backup para Ordenadores Port\u00e1tiles y de Escritorio versi\u00f3n r11.0 hasta versi\u00f3n r11.1 SP1, Mobile Backup versi\u00f3n r4.0, Desktop and Business Protection Suite versi\u00f3n r2 y Desktop Management Suite (DMS) versiones r11.0 y r11.1 permiten a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de la creaci\u00f3n de paquetes hacia los puertos TCP (1) 1900 o (2) 2200."
}
],
"id": "CVE-2007-0449",
"lastModified": "2024-11-21T00:25:53.443",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-01-23T21:28:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23897"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017548"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/357308"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/611276"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/31593"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/457945/30/8460/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/458644/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/458648/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/22199"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/22340"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/22342"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/0314"
},
{
"source": "cve@mitre.org",
"url": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97696"
},
{
"source": "cve@mitre.org",
"url": "http://www3.ca.com/securityadvisor/vulninfo/Vuln.aspx?ID=34993"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31704"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/23897"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017548"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/357308"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/611276"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/31593"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/457945/30/8460/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/458644/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/458648/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/22199"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/22340"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/22342"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/0314"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97696"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www3.ca.com/securityadvisor/vulninfo/Vuln.aspx?ID=34993"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31704"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-10-01 20:17
Modified
2024-11-21 00:36
Severity ?
Summary
Multiple stack-based buffer overflows in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allow remote attackers to execute arbitrary code via a long (1) username or (2) password to the rxrLogin command in rxRPC.dll, or a long (3) username argument to the GetUserInfo function.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "261A513C-CBD4-4A1C-B58A-A9005774EC87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4FB993B2-9A44-40E2-AA05-0CAD04BDC26D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C7461AE5-2067-4964-93B7-560CD02CEAC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "9DAE8E8B-7FD6-43CB-B07A-6D3B31E94DC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7B9C97C1-D295-4A84-B179-3FDF51DE1DD9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:desktop_management_suite:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "237F2346-0B9B-4CE8-8EF9-813CB3F1BC1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:desktop_management_suite:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22268F99-2F38-481D-A0CC-B1FC96FDB953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:broadcom:desktop_management_suite:11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E6195AFF-0039-4F48-9E02-ACE8CF052EA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ca:protection_suites:r2:*:*:*:*:*:*:*",
"matchCriteriaId": "47C10BA4-B241-4F65-8FA1-AD88266C03B0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allow remote attackers to execute arbitrary code via a long (1) username or (2) password to the rxrLogin command in rxRPC.dll, or a long (3) username argument to the GetUserInfo function."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer basado en pila en CA (Computer Associates) BrightStor ARCserve Backup para Port\u00e1til y Sobremesa r11.0 hasta r11.5 permiten a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un (1) nombre de usuario \u00f3 (2) contrase\u00f1a largos en el comando rxrLogin de rxRPC.dll, \u00f3 un (3) argumento nombre de usuario largo en la funci\u00f3n GetUserInfo."
}
],
"id": "CVE-2007-5003",
"lastModified": "2024-11-21T00:36:55.120",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-10-01T20:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599"
},
{
"source": "cve@mitre.org",
"url": "http://research.eeye.com/html/advisories/published/AD20070920.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25606"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35674"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/24348"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018728"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://research.eeye.com/html/advisories/published/AD20070920.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/25606"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35674"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/24348"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018728"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-04-07 18:44
Modified
2024-11-21 00:44
Severity ?
Summary
Unspecified vulnerability in the NetBackup service in CA ARCserve Backup for Laptops and Desktops r11.0 through r11.5, and Suite 11.1 and 11.2, allows remote attackers to execute arbitrary commands, related to "insufficient verification of file uploads."
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:broadcom:desktop_management_suite:11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "22268F99-2F38-481D-A0CC-B1FC96FDB953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:computer_associates:arcserve_backup_laptops_and_desktops:r11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0F0C2CF0-C4FA-45EA-8CE7-A6F26E74A82B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:computer_associates:arcserve_backup_laptops_and_desktops:r11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6FA31980-E04A-4C5C-AD81-BBD2DC925B1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:computer_associates:arcserve_backup_laptops_and_desktops:r11.1:sp1:*:*:*:*:*:*",
"matchCriteriaId": "D8FDE4F2-A3E1-4DE3-8800-8E6D58116134",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:computer_associates:arcserve_backup_laptops_and_desktops:r11.1:sp2:*:*:*:*:*:*",
"matchCriteriaId": "F14BBE21-4FB8-4E25-9437-DC215AE7C208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:computer_associates:arcserve_backup_laptops_and_desktops:r11.5:*:*:*:*:*:*:*",
"matchCriteriaId": "06109720-7926-4FC2-929B-0F16B1831739",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:computer_associates:desktop_management_suite:11.2:*:english:*:*:*:*:*",
"matchCriteriaId": "815D1724-8E39-4941-A546-16B15E3C51E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:computer_associates:desktop_management_suite:11.2:*:localized:*:*:*:*:*",
"matchCriteriaId": "BC2D63FF-149F-4F7A-9842-52E56818462A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the NetBackup service in CA ARCserve Backup for Laptops and Desktops r11.0 through r11.5, and Suite 11.1 and 11.2, allows remote attackers to execute arbitrary commands, related to \"insufficient verification of file uploads.\""
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada del servicio NetBackup de CA ARCserve Backup for Laptops and Desktops versiones de la r11.0 a la r11.5 y Suite 11.1 and 11.2, permite a atacantes remotos ejecutar comandos de su elecci\u00f3n, relacionado con \u201csubidas de archivos sin suficiente verificacion\u201d"
}
],
"id": "CVE-2008-1329",
"lastModified": "2024-11-21T00:44:16.990",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-04-07T18:44:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/3800"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/490463/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/28616"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1019788"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/1104/references"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41642"
},
{
"source": "cve@mitre.org",
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=173105"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3800"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/490463/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/28616"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019788"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1104/references"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41642"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=173105"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}