cvelistv5 - CVE-2007-3216

CVE-2007-3216 (GCVE-0-2007-3216)

Vulnerability from cvelistv5 – Published: 2007-06-14 22:00 – Updated: 2024-08-07 14:05

Summary

Multiple buffer overflows in the LGServer component of CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.1 allow remote attackers to execute arbitrary code via crafted arguments to the (1) rxsAddNewUser, (2) rxsSetUserInfo, (3) rxsRenameUser, (4) rxsSetMessageLogSettings, (5) rxsExportData, (6) rxsSetServerOptions, (7) rxsRenameFile, (8) rxsACIManageSend, (9) rxsExportUser, (10) rxsImportUser, (11) rxsMoveUserData, (12) rxsUseLicenseIni, (13) rxsLicGetSiteId, (14) rxsGetLogFileNames, (15) rxsGetBackupLog, (16) rxsBackupComplete, (17) rxsSetDataProtectionSecurityData, (18) rxsSetDefaultConfigName, (19) rxsGetMessageLogSettings, (20) rxsHWDiskGetTotal, (21) rxsHWDiskGetFree, (22) rxsGetSubDirs, (23) rxsGetServerDBPathName, (24) rxsSetServerOptions, (25) rxsDeleteFile, (26) rxsACIManageSend, (27) rxcReadBackupSetList, (28) rxcWriteConfigInfo, (29) rxcSetAssetManagement, (30) rxcWriteFileListForRestore, (31) rxcReadSaveSetProfile, (32) rxcInitSaveSetProfile, (33) rxcAddSaveSetNextAppList, (34) rxcAddSaveSetNextFilesPathList, (35) rxcAddNextBackupSetIncWildCard, (36) rxcGetRevisions, (37) rxrAddMovedUser, (38) rxrSetClientVersion, or (39) rxsSetDataGrowthScheduleAndFilter commands.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.securityfocus.com/bid/24348	vdb-entryx_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://supportconnectw.ca.com/public/sams/lifegua…	x_refsource_CONFIRM
	http://secunia.com/advisories/25606	third-party-advisoryx_refsource_SECUNIA
	http://www.securitytracker.com/id?1018216	vdb-entryx_refsource_SECTRACK
	http://www.ca.com/us/securityadvisor/vulninfo/vul…	x_refsource_CONFIRM
	http://osvdb.org/35329	vdb-entryx_refsource_OSVDB
	http://labs.idefense.com/intelligence/vulnerabili…	third-party-advisoryx_refsource_IDEFENSE
	http://www.ca.com/us/securityadvisor/newsinfo/col…	x_refsource_CONFIRM
	http://www.securityfocus.com/archive/1/480252/100…	mailing-listx_refsource_BUGTRAQ
	http://www.vupen.com/english/advisories/2007/2121	vdb-entryx_refsource_VUPEN
	http://supportconnectw.ca.com/public/sams/lifegua…	x_refsource_CONFIRM
	http://research.eeye.com/html/advisories/publishe…	third-party-advisoryx_refsource_EEYE
	http://www.securitytracker.com/id?1018728	vdb-entryx_refsource_SECTRACK
	http://research.eeye.com/html/advisories/upcoming…	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:05:29.275Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "24348",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/24348"
          },
          {
            "name": "brightstor-unspecified-code-execution(34805)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34805"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/bsabld-securitynotice.asp"
          },
          {
            "name": "25606",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/25606"
          },
          {
            "name": "1018216",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018216"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35673"
          },
          {
            "name": "35329",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/35329"
          },
          {
            "name": "20070920 CA ARCServe Backup for Laptops and Desktops Multiple Buffer Overflow Vulnerabilities",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"
          },
          {
            "name": "20070921 [CAID 35673, 35674, 35675, 35676, 35677]: CA ARCserve Backup for Laptops and Desktops Multiple Server Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"
          },
          {
            "name": "ADV-2007-2121",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2121"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"
          },
          {
            "name": "20070920 Multiple Vulnerabilities in CA ARCserve for Laptops \u0026 Desktops",
            "tags": [
              "third-party-advisory",
              "x_refsource_EEYE",
              "x_transferred"
            ],
            "url": "http://research.eeye.com/html/advisories/published/AD20070920.html"
          },
          {
            "name": "1018728",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018728"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://research.eeye.com/html/advisories/upcoming/20070604.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-06-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple buffer overflows in the LGServer component of CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.1 allow remote attackers to execute arbitrary code via crafted arguments to the (1) rxsAddNewUser, (2) rxsSetUserInfo, (3) rxsRenameUser, (4) rxsSetMessageLogSettings, (5) rxsExportData, (6) rxsSetServerOptions, (7) rxsRenameFile, (8) rxsACIManageSend, (9) rxsExportUser, (10) rxsImportUser, (11) rxsMoveUserData, (12) rxsUseLicenseIni, (13) rxsLicGetSiteId, (14) rxsGetLogFileNames, (15) rxsGetBackupLog, (16) rxsBackupComplete, (17) rxsSetDataProtectionSecurityData, (18) rxsSetDefaultConfigName, (19) rxsGetMessageLogSettings, (20) rxsHWDiskGetTotal, (21) rxsHWDiskGetFree, (22) rxsGetSubDirs, (23) rxsGetServerDBPathName, (24) rxsSetServerOptions, (25) rxsDeleteFile, (26) rxsACIManageSend, (27) rxcReadBackupSetList, (28) rxcWriteConfigInfo, (29) rxcSetAssetManagement, (30) rxcWriteFileListForRestore, (31) rxcReadSaveSetProfile, (32) rxcInitSaveSetProfile, (33) rxcAddSaveSetNextAppList, (34) rxcAddSaveSetNextFilesPathList, (35) rxcAddNextBackupSetIncWildCard, (36) rxcGetRevisions, (37) rxrAddMovedUser, (38) rxrSetClientVersion, or (39) rxsSetDataGrowthScheduleAndFilter commands."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-16T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "24348",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/24348"
        },
        {
          "name": "brightstor-unspecified-code-execution(34805)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34805"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/bsabld-securitynotice.asp"
        },
        {
          "name": "25606",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/25606"
        },
        {
          "name": "1018216",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018216"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35673"
        },
        {
          "name": "35329",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/35329"
        },
        {
          "name": "20070920 CA ARCServe Backup for Laptops and Desktops Multiple Buffer Overflow Vulnerabilities",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"
        },
        {
          "name": "20070921 [CAID 35673, 35674, 35675, 35676, 35677]: CA ARCserve Backup for Laptops and Desktops Multiple Server Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"
        },
        {
          "name": "ADV-2007-2121",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2121"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"
        },
        {
          "name": "20070920 Multiple Vulnerabilities in CA ARCserve for Laptops \u0026 Desktops",
          "tags": [
            "third-party-advisory",
            "x_refsource_EEYE"
          ],
          "url": "http://research.eeye.com/html/advisories/published/AD20070920.html"
        },
        {
          "name": "1018728",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018728"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://research.eeye.com/html/advisories/upcoming/20070604.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-3216",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple buffer overflows in the LGServer component of CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.1 allow remote attackers to execute arbitrary code via crafted arguments to the (1) rxsAddNewUser, (2) rxsSetUserInfo, (3) rxsRenameUser, (4) rxsSetMessageLogSettings, (5) rxsExportData, (6) rxsSetServerOptions, (7) rxsRenameFile, (8) rxsACIManageSend, (9) rxsExportUser, (10) rxsImportUser, (11) rxsMoveUserData, (12) rxsUseLicenseIni, (13) rxsLicGetSiteId, (14) rxsGetLogFileNames, (15) rxsGetBackupLog, (16) rxsBackupComplete, (17) rxsSetDataProtectionSecurityData, (18) rxsSetDefaultConfigName, (19) rxsGetMessageLogSettings, (20) rxsHWDiskGetTotal, (21) rxsHWDiskGetFree, (22) rxsGetSubDirs, (23) rxsGetServerDBPathName, (24) rxsSetServerOptions, (25) rxsDeleteFile, (26) rxsACIManageSend, (27) rxcReadBackupSetList, (28) rxcWriteConfigInfo, (29) rxcSetAssetManagement, (30) rxcWriteFileListForRestore, (31) rxcReadSaveSetProfile, (32) rxcInitSaveSetProfile, (33) rxcAddSaveSetNextAppList, (34) rxcAddSaveSetNextFilesPathList, (35) rxcAddNextBackupSetIncWildCard, (36) rxcGetRevisions, (37) rxrAddMovedUser, (38) rxrSetClientVersion, or (39) rxsSetDataGrowthScheduleAndFilter commands."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "24348",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/24348"
            },
            {
              "name": "brightstor-unspecified-code-execution(34805)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34805"
            },
            {
              "name": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/bsabld-securitynotice.asp",
              "refsource": "CONFIRM",
              "url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/bsabld-securitynotice.asp"
            },
            {
              "name": "25606",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/25606"
            },
            {
              "name": "1018216",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018216"
            },
            {
              "name": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35673",
              "refsource": "CONFIRM",
              "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35673"
            },
            {
              "name": "35329",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/35329"
            },
            {
              "name": "20070920 CA ARCServe Backup for Laptops and Desktops Multiple Buffer Overflow Vulnerabilities",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599"
            },
            {
              "name": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006",
              "refsource": "CONFIRM",
              "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"
            },
            {
              "name": "20070921 [CAID 35673, 35674, 35675, 35676, 35677]: CA ARCserve Backup for Laptops and Desktops Multiple Server Vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"
            },
            {
              "name": "ADV-2007-2121",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2121"
            },
            {
              "name": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp",
              "refsource": "CONFIRM",
              "url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"
            },
            {
              "name": "20070920 Multiple Vulnerabilities in CA ARCserve for Laptops \u0026 Desktops",
              "refsource": "EEYE",
              "url": "http://research.eeye.com/html/advisories/published/AD20070920.html"
            },
            {
              "name": "1018728",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018728"
            },
            {
              "name": "http://research.eeye.com/html/advisories/upcoming/20070604.html",
              "refsource": "MISC",
              "url": "http://research.eeye.com/html/advisories/upcoming/20070604.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-3216",
    "datePublished": "2007-06-14T22:00:00",
    "dateReserved": "2007-06-14T00:00:00",
    "dateUpdated": "2024-08-07T14:05:29.275Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C7461AE5-2067-4964-93B7-560CD02CEAC8\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Multiple buffer overflows in the LGServer component of CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.1 allow remote attackers to execute arbitrary code via crafted arguments to the (1) rxsAddNewUser, (2) rxsSetUserInfo, (3) rxsRenameUser, (4) rxsSetMessageLogSettings, (5) rxsExportData, (6) rxsSetServerOptions, (7) rxsRenameFile, (8) rxsACIManageSend, (9) rxsExportUser, (10) rxsImportUser, (11) rxsMoveUserData, (12) rxsUseLicenseIni, (13) rxsLicGetSiteId, (14) rxsGetLogFileNames, (15) rxsGetBackupLog, (16) rxsBackupComplete, (17) rxsSetDataProtectionSecurityData, (18) rxsSetDefaultConfigName, (19) rxsGetMessageLogSettings, (20) rxsHWDiskGetTotal, (21) rxsHWDiskGetFree, (22) rxsGetSubDirs, (23) rxsGetServerDBPathName, (24) rxsSetServerOptions, (25) rxsDeleteFile, (26) rxsACIManageSend, (27) rxcReadBackupSetList, (28) rxcWriteConfigInfo, (29) rxcSetAssetManagement, (30) rxcWriteFileListForRestore, (31) rxcReadSaveSetProfile, (32) rxcInitSaveSetProfile, (33) rxcAddSaveSetNextAppList, (34) rxcAddSaveSetNextFilesPathList, (35) rxcAddNextBackupSetIncWildCard, (36) rxcGetRevisions, (37) rxrAddMovedUser, (38) rxrSetClientVersion, or (39) rxsSetDataGrowthScheduleAndFilter commands.\"}, {\"lang\": \"es\", \"value\": \"M\\u00faltiples desbordamientos de b\\u00fafer en el componente LGServer de CA (Computer Associates) BrightStor ARCserve Backup para equipos Laptops y Desktops versi\\u00f3n r11.1 permiten a los atacantes remotos ejecutar c\\u00f3digo arbitrario por medio de argumentos elaborados a los comandos (1) rxsAddNewUser, (2) rxsSetUserInfo, (3) rxsRenameUser, (4) rxsSetMessageLogSettings, (5) rxsExportData, (6) rxsSetServerOptions, (7) rxsRenameFile, (8) rxsACIManageSend, (9) rxsExportUser, (10) rxsImportUser, (11) rxsMoveUserData, (12) rxsUseLicenseIni, (13) rxsLicGetSiteId, (14) rxsGetLogFileNames, (15) rxsGetBackupLog, (16) rxsBackupComplete, (17) rxsSetDataProtectionSecurityData, (18) rxsSetDefaultConfigName, (19) rxsGetMessageLogSettings, (20) rxsHWDiskGetTotal, (21) rxsHWDiskGetFree, (22) rxsGetSubDirs, (23) rxsGetServerDBPathName, (24) rxsSetServerOptions, (25) rxsDeleteFile, (26) rxsACIManageSend, (27) rxcReadBackupSetList, (28) rxcWriteConfigInfo, (29) rxcSetAssetManagement, (30) rxcWriteFileListForRestore, (31) rxcReadSaveSetProfile, (32) rxcInitSaveSetProfile, (33) rxcAddSaveSetNextAppList, (34) rxcAddSaveSetNextFilesPathList, (35) rxcAddNextBackupSetIncWildCard, (36) rxcGetRevisions, (37) rxrAddMovedUser, (38) rxrSetClientVersion o (39) rxsSetDataScheduleYFilterAndFilter.\"}]",
      "id": "CVE-2007-3216",
      "lastModified": "2024-11-21T00:32:41.027",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": true, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2007-06-14T22:30:00.000",
      "references": "[{\"url\": \"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://osvdb.org/35329\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://research.eeye.com/html/advisories/published/AD20070920.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://research.eeye.com/html/advisories/upcoming/20070604.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/25606\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/bsabld-securitynotice.asp\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35673\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/480252/100/100/threaded\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/24348\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securitytracker.com/id?1018216\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securitytracker.com/id?1018728\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/2121\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/34805\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://osvdb.org/35329\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://research.eeye.com/html/advisories/published/AD20070920.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://research.eeye.com/html/advisories/upcoming/20070604.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://secunia.com/advisories/25606\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/bsabld-securitynotice.asp\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35673\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/archive/1/480252/100/100/threaded\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/24348\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1018216\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id?1018728\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2007/2121\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/34805\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-3216\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-06-14T22:30:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple buffer overflows in the LGServer component of CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.1 allow remote attackers to execute arbitrary code via crafted arguments to the (1) rxsAddNewUser, (2) rxsSetUserInfo, (3) rxsRenameUser, (4) rxsSetMessageLogSettings, (5) rxsExportData, (6) rxsSetServerOptions, (7) rxsRenameFile, (8) rxsACIManageSend, (9) rxsExportUser, (10) rxsImportUser, (11) rxsMoveUserData, (12) rxsUseLicenseIni, (13) rxsLicGetSiteId, (14) rxsGetLogFileNames, (15) rxsGetBackupLog, (16) rxsBackupComplete, (17) rxsSetDataProtectionSecurityData, (18) rxsSetDefaultConfigName, (19) rxsGetMessageLogSettings, (20) rxsHWDiskGetTotal, (21) rxsHWDiskGetFree, (22) rxsGetSubDirs, (23) rxsGetServerDBPathName, (24) rxsSetServerOptions, (25) rxsDeleteFile, (26) rxsACIManageSend, (27) rxcReadBackupSetList, (28) rxcWriteConfigInfo, (29) rxcSetAssetManagement, (30) rxcWriteFileListForRestore, (31) rxcReadSaveSetProfile, (32) rxcInitSaveSetProfile, (33) rxcAddSaveSetNextAppList, (34) rxcAddSaveSetNextFilesPathList, (35) rxcAddNextBackupSetIncWildCard, (36) rxcGetRevisions, (37) rxrAddMovedUser, (38) rxrSetClientVersion, or (39) rxsSetDataGrowthScheduleAndFilter commands.\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples desbordamientos de b\u00fafer en el componente LGServer de CA (Computer Associates) BrightStor ARCserve Backup para equipos Laptops y Desktops versi\u00f3n r11.1 permiten a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de argumentos elaborados a los comandos (1) rxsAddNewUser, (2) rxsSetUserInfo, (3) rxsRenameUser, (4) rxsSetMessageLogSettings, (5) rxsExportData, (6) rxsSetServerOptions, (7) rxsRenameFile, (8) rxsACIManageSend, (9) rxsExportUser, (10) rxsImportUser, (11) rxsMoveUserData, (12) rxsUseLicenseIni, (13) rxsLicGetSiteId, (14) rxsGetLogFileNames, (15) rxsGetBackupLog, (16) rxsBackupComplete, (17) rxsSetDataProtectionSecurityData, (18) rxsSetDefaultConfigName, (19) rxsGetMessageLogSettings, (20) rxsHWDiskGetTotal, (21) rxsHWDiskGetFree, (22) rxsGetSubDirs, (23) rxsGetServerDBPathName, (24) rxsSetServerOptions, (25) rxsDeleteFile, (26) rxsACIManageSend, (27) rxcReadBackupSetList, (28) rxcWriteConfigInfo, (29) rxcSetAssetManagement, (30) rxcWriteFileListForRestore, (31) rxcReadSaveSetProfile, (32) rxcInitSaveSetProfile, (33) rxcAddSaveSetNextAppList, (34) rxcAddSaveSetNextFilesPathList, (35) rxcAddNextBackupSetIncWildCard, (36) rxcGetRevisions, (37) rxrAddMovedUser, (38) rxrSetClientVersion o (39) rxsSetDataScheduleYFilterAndFilter.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7461AE5-2067-4964-93B7-560CD02CEAC8\"}]}]}],\"references\":[{\"url\":\"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://osvdb.org/35329\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://research.eeye.com/html/advisories/published/AD20070920.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://research.eeye.com/html/advisories/upcoming/20070604.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/25606\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/bsabld-securitynotice.asp\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35673\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/480252/100/100/threaded\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/24348\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1018216\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id?1018728\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/2121\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/34805\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://osvdb.org/35329\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://research.eeye.com/html/advisories/published/AD20070920.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://research.eeye.com/html/advisories/upcoming/20070604.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/25606\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/bsabld-securitynotice.asp\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35673\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/480252/100/100/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/24348\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1018216\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id?1018728\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2007/2121\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/34805\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

FKIE_CVE-2007-3216

Vulnerability from fkie_nvd - Published: 2007-06-14 22:30 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599
cve@mitre.org	http://osvdb.org/35329
cve@mitre.org	http://research.eeye.com/html/advisories/published/AD20070920.html
cve@mitre.org	http://research.eeye.com/html/advisories/upcoming/20070604.html
cve@mitre.org	http://secunia.com/advisories/25606	Vendor Advisory
cve@mitre.org	http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/bsabld-securitynotice.asp
cve@mitre.org	http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp
cve@mitre.org	http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006	Vendor Advisory
cve@mitre.org	http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35673	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/archive/1/480252/100/100/threaded
cve@mitre.org	http://www.securityfocus.com/bid/24348
cve@mitre.org	http://www.securitytracker.com/id?1018216
cve@mitre.org	http://www.securitytracker.com/id?1018728
cve@mitre.org	http://www.vupen.com/english/advisories/2007/2121	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/34805
af854a3a-2127-422b-91ae-364da2661108	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/35329
af854a3a-2127-422b-91ae-364da2661108	http://research.eeye.com/html/advisories/published/AD20070920.html
af854a3a-2127-422b-91ae-364da2661108	http://research.eeye.com/html/advisories/upcoming/20070604.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/25606	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/bsabld-securitynotice.asp
af854a3a-2127-422b-91ae-364da2661108	http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp
af854a3a-2127-422b-91ae-364da2661108	http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35673	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/480252/100/100/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/24348
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1018216
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1018728
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/2121	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/34805

Impacted products

	Vendor	Product	Version
	broadcom	brightstor_arcserve_backup_laptops_desktops	11.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7461AE5-2067-4964-93B7-560CD02CEAC8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple buffer overflows in the LGServer component of CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.1 allow remote attackers to execute arbitrary code via crafted arguments to the (1) rxsAddNewUser, (2) rxsSetUserInfo, (3) rxsRenameUser, (4) rxsSetMessageLogSettings, (5) rxsExportData, (6) rxsSetServerOptions, (7) rxsRenameFile, (8) rxsACIManageSend, (9) rxsExportUser, (10) rxsImportUser, (11) rxsMoveUserData, (12) rxsUseLicenseIni, (13) rxsLicGetSiteId, (14) rxsGetLogFileNames, (15) rxsGetBackupLog, (16) rxsBackupComplete, (17) rxsSetDataProtectionSecurityData, (18) rxsSetDefaultConfigName, (19) rxsGetMessageLogSettings, (20) rxsHWDiskGetTotal, (21) rxsHWDiskGetFree, (22) rxsGetSubDirs, (23) rxsGetServerDBPathName, (24) rxsSetServerOptions, (25) rxsDeleteFile, (26) rxsACIManageSend, (27) rxcReadBackupSetList, (28) rxcWriteConfigInfo, (29) rxcSetAssetManagement, (30) rxcWriteFileListForRestore, (31) rxcReadSaveSetProfile, (32) rxcInitSaveSetProfile, (33) rxcAddSaveSetNextAppList, (34) rxcAddSaveSetNextFilesPathList, (35) rxcAddNextBackupSetIncWildCard, (36) rxcGetRevisions, (37) rxrAddMovedUser, (38) rxrSetClientVersion, or (39) rxsSetDataGrowthScheduleAndFilter commands."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos de b\u00fafer en el componente LGServer de CA (Computer Associates) BrightStor ARCserve Backup para equipos Laptops y Desktops versi\u00f3n r11.1 permiten a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de argumentos elaborados a los comandos (1) rxsAddNewUser, (2) rxsSetUserInfo, (3) rxsRenameUser, (4) rxsSetMessageLogSettings, (5) rxsExportData, (6) rxsSetServerOptions, (7) rxsRenameFile, (8) rxsACIManageSend, (9) rxsExportUser, (10) rxsImportUser, (11) rxsMoveUserData, (12) rxsUseLicenseIni, (13) rxsLicGetSiteId, (14) rxsGetLogFileNames, (15) rxsGetBackupLog, (16) rxsBackupComplete, (17) rxsSetDataProtectionSecurityData, (18) rxsSetDefaultConfigName, (19) rxsGetMessageLogSettings, (20) rxsHWDiskGetTotal, (21) rxsHWDiskGetFree, (22) rxsGetSubDirs, (23) rxsGetServerDBPathName, (24) rxsSetServerOptions, (25) rxsDeleteFile, (26) rxsACIManageSend, (27) rxcReadBackupSetList, (28) rxcWriteConfigInfo, (29) rxcSetAssetManagement, (30) rxcWriteFileListForRestore, (31) rxcReadSaveSetProfile, (32) rxcInitSaveSetProfile, (33) rxcAddSaveSetNextAppList, (34) rxcAddSaveSetNextFilesPathList, (35) rxcAddNextBackupSetIncWildCard, (36) rxcGetRevisions, (37) rxrAddMovedUser, (38) rxrSetClientVersion o (39) rxsSetDataScheduleYFilterAndFilter."
    }
  ],
  "id": "CVE-2007-3216",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-06-14T22:30:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/35329"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://research.eeye.com/html/advisories/published/AD20070920.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://research.eeye.com/html/advisories/upcoming/20070604.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25606"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/bsabld-securitynotice.asp"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35673"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/24348"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1018216"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1018728"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/2121"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34805"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/35329"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://research.eeye.com/html/advisories/published/AD20070920.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://research.eeye.com/html/advisories/upcoming/20070604.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/25606"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/bsabld-securitynotice.asp"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35673"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/24348"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018216"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018728"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/2121"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34805"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTA-2007-AVI-415

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités dans les produits ARCserve de Computer Associate permettent à un utilisateur distant d'exécuter du code arbitraire.

Description

Plusieurs vulnérabilités sont présentent dans les produits ARCserve Backup for Laptops and Desktops de Computer Associates. Ces vulnérabilités sont toutes relatives à un manque de contrôle dans les éléments suivant du logiciel :

le service LGServer ;
le service d'authentification de ARCserve Backup ;
le service d'autentification rxLogin ;
le service NetBackup lors d'un téléchargement de fichier.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	CA Desktop Management Suite 11.2 ;
N/A	N/A	CA ARCserve Backup for Laptops and Desktops r11.1 SP1 ;
N/A	N/A	CA ARCserve Backup for Laptops and Desktops r11.0 ;
N/A	N/A	CA Desktop Management Suite 11.0 ;
N/A	N/A	CA ARCserve Backup for Laptops and Desktops r11.1 SP2 ;
N/A	N/A	CA ARCserve Backup for Laptops and Desktops r11.5 ;
N/A	N/A	CA Protection Suite r2.
N/A	N/A	CA ARCserve Backup for Laptops and Desktops r11.1 ;
N/A	N/A	CA Desktop Management Suite 11.1 ;
N/A	N/A	CA ARCserve Backup for Laptops and Desktops r4.0 ;

References

Title

Publication Time

Tags

Bulletin de sécurité CA ARCserve du 21 septembre 2007	None	vendor-advisory
Bulletin de sécurité Computer Associates :	-	other
Bulletin de sécurité iDefense du 21 septembre 2007 :	-	other
Bulletin de sécurité iDefense du 21 septembre 2007 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "CA Desktop Management Suite 11.2 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "CA ARCserve Backup for Laptops and Desktops r11.1 SP1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "CA ARCserve Backup for Laptops and Desktops r11.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "CA Desktop Management Suite 11.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "CA ARCserve Backup for Laptops and Desktops r11.1 SP2 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "CA ARCserve Backup for Laptops and Desktops r11.5 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "CA Protection Suite r2.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "CA ARCserve Backup for Laptops and Desktops r11.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "CA Desktop Management Suite 11.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "CA ARCserve Backup for Laptops and Desktops r4.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s sont pr\u00e9sentent dans les produits ARCserve\nBackup for Laptops and Desktops de Computer Associates. Ces\nvuln\u00e9rabilit\u00e9s sont toutes relatives \u00e0 un manque de contr\u00f4le dans les\n\u00e9l\u00e9ments suivant du logiciel :\n\n-   le service LGServer ;\n-   le service d\u0027authentification de ARCserve Backup ;\n-   le service d\u0027autentification rxLogin ;\n-   le service NetBackup lors d\u0027un t\u00e9l\u00e9chargement de fichier.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-5004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5004"
    },
    {
      "name": "CVE-2007-5005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5005"
    },
    {
      "name": "CVE-2007-3216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3216"
    },
    {
      "name": "CVE-2007-5006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5006"
    },
    {
      "name": "CVE-2007-5003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5003"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Computer Associates :",
      "url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 iDefense du 21 septembre 2007 :",
      "url": "http://www.idefense.com/application/poi/display?id=599"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 iDefense du 21 septembre 2007 :",
      "url": "http://www.idefense.com/application/poi/display?id=598"
    }
  ],
  "reference": "CERTA-2007-AVI-415",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-09-24T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s dans les produits ARCserve de Computer\nAssociate permettent \u00e0 un utilisateur distant d\u0027ex\u00e9cuter du code\narbitraire.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits CA ARCserve",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 CA ARCserve du 21 septembre 2007",
      "url": null
    }
  ]
}

CERTA-2007-AVI-415

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités dans les produits ARCserve de Computer Associate permettent à un utilisateur distant d'exécuter du code arbitraire.

Description

le service LGServer ;
le service d'authentification de ARCserve Backup ;
le service d'autentification rxLogin ;
le service NetBackup lors d'un téléchargement de fichier.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	CA Desktop Management Suite 11.2 ;
N/A	N/A	CA ARCserve Backup for Laptops and Desktops r11.1 SP1 ;
N/A	N/A	CA ARCserve Backup for Laptops and Desktops r11.0 ;
N/A	N/A	CA Desktop Management Suite 11.0 ;
N/A	N/A	CA ARCserve Backup for Laptops and Desktops r11.1 SP2 ;
N/A	N/A	CA ARCserve Backup for Laptops and Desktops r11.5 ;
N/A	N/A	CA Protection Suite r2.
N/A	N/A	CA ARCserve Backup for Laptops and Desktops r11.1 ;
N/A	N/A	CA Desktop Management Suite 11.1 ;
N/A	N/A	CA ARCserve Backup for Laptops and Desktops r4.0 ;

References

Title

Publication Time

Tags

Bulletin de sécurité CA ARCserve du 21 septembre 2007	None	vendor-advisory
Bulletin de sécurité Computer Associates :	-	other
Bulletin de sécurité iDefense du 21 septembre 2007 :	-	other
Bulletin de sécurité iDefense du 21 septembre 2007 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "CA Desktop Management Suite 11.2 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "CA ARCserve Backup for Laptops and Desktops r11.1 SP1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "CA ARCserve Backup for Laptops and Desktops r11.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "CA Desktop Management Suite 11.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "CA ARCserve Backup for Laptops and Desktops r11.1 SP2 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "CA ARCserve Backup for Laptops and Desktops r11.5 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "CA Protection Suite r2.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "CA ARCserve Backup for Laptops and Desktops r11.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "CA Desktop Management Suite 11.1 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    },
    {
      "description": "CA ARCserve Backup for Laptops and Desktops r4.0 ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "N/A",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s sont pr\u00e9sentent dans les produits ARCserve\nBackup for Laptops and Desktops de Computer Associates. Ces\nvuln\u00e9rabilit\u00e9s sont toutes relatives \u00e0 un manque de contr\u00f4le dans les\n\u00e9l\u00e9ments suivant du logiciel :\n\n-   le service LGServer ;\n-   le service d\u0027authentification de ARCserve Backup ;\n-   le service d\u0027autentification rxLogin ;\n-   le service NetBackup lors d\u0027un t\u00e9l\u00e9chargement de fichier.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-5004",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5004"
    },
    {
      "name": "CVE-2007-5005",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5005"
    },
    {
      "name": "CVE-2007-3216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3216"
    },
    {
      "name": "CVE-2007-5006",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5006"
    },
    {
      "name": "CVE-2007-5003",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5003"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Computer Associates :",
      "url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 iDefense du 21 septembre 2007 :",
      "url": "http://www.idefense.com/application/poi/display?id=599"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 iDefense du 21 septembre 2007 :",
      "url": "http://www.idefense.com/application/poi/display?id=598"
    }
  ],
  "reference": "CERTA-2007-AVI-415",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-09-24T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s dans les produits ARCserve de Computer\nAssociate permettent \u00e0 un utilisateur distant d\u0027ex\u00e9cuter du code\narbitraire.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits CA ARCserve",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 CA ARCserve du 21 septembre 2007",
      "url": null
    }
  ]
}

GHSA-QJF7-69W3-45MH

Vulnerability from github – Published: 2022-05-01 18:11 – Updated: 2022-05-01 18:11

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2007-3216"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-06-14T22:30:00Z",
    "severity": "HIGH"
  },
  "details": "Multiple buffer overflows in the LGServer component of CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.1 allow remote attackers to execute arbitrary code via crafted arguments to the (1) rxsAddNewUser, (2) rxsSetUserInfo, (3) rxsRenameUser, (4) rxsSetMessageLogSettings, (5) rxsExportData, (6) rxsSetServerOptions, (7) rxsRenameFile, (8) rxsACIManageSend, (9) rxsExportUser, (10) rxsImportUser, (11) rxsMoveUserData, (12) rxsUseLicenseIni, (13) rxsLicGetSiteId, (14) rxsGetLogFileNames, (15) rxsGetBackupLog, (16) rxsBackupComplete, (17) rxsSetDataProtectionSecurityData, (18) rxsSetDefaultConfigName, (19) rxsGetMessageLogSettings, (20) rxsHWDiskGetTotal, (21) rxsHWDiskGetFree, (22) rxsGetSubDirs, (23) rxsGetServerDBPathName, (24) rxsSetServerOptions, (25) rxsDeleteFile, (26) rxsACIManageSend, (27) rxcReadBackupSetList, (28) rxcWriteConfigInfo, (29) rxcSetAssetManagement, (30) rxcWriteFileListForRestore, (31) rxcReadSaveSetProfile, (32) rxcInitSaveSetProfile, (33) rxcAddSaveSetNextAppList, (34) rxcAddSaveSetNextFilesPathList, (35) rxcAddNextBackupSetIncWildCard, (36) rxcGetRevisions, (37) rxrAddMovedUser, (38) rxrSetClientVersion, or (39) rxsSetDataGrowthScheduleAndFilter commands.",
  "id": "GHSA-qjf7-69w3-45mh",
  "modified": "2022-05-01T18:11:31Z",
  "published": "2022-05-01T18:11:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-3216"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34805"
    },
    {
      "type": "WEB",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/35329"
    },
    {
      "type": "WEB",
      "url": "http://research.eeye.com/html/advisories/published/AD20070920.html"
    },
    {
      "type": "WEB",
      "url": "http://research.eeye.com/html/advisories/upcoming/20070604.html"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/25606"
    },
    {
      "type": "WEB",
      "url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/bsabld-securitynotice.asp"
    },
    {
      "type": "WEB",
      "url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"
    },
    {
      "type": "WEB",
      "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"
    },
    {
      "type": "WEB",
      "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35673"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/24348"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1018216"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1018728"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/2121"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2007-3216

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2007-3216

Aliases

CVE-2007-3216

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2007-3216",
    "description": "Multiple buffer overflows in the LGServer component of CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.1 allow remote attackers to execute arbitrary code via crafted arguments to the (1) rxsAddNewUser, (2) rxsSetUserInfo, (3) rxsRenameUser, (4) rxsSetMessageLogSettings, (5) rxsExportData, (6) rxsSetServerOptions, (7) rxsRenameFile, (8) rxsACIManageSend, (9) rxsExportUser, (10) rxsImportUser, (11) rxsMoveUserData, (12) rxsUseLicenseIni, (13) rxsLicGetSiteId, (14) rxsGetLogFileNames, (15) rxsGetBackupLog, (16) rxsBackupComplete, (17) rxsSetDataProtectionSecurityData, (18) rxsSetDefaultConfigName, (19) rxsGetMessageLogSettings, (20) rxsHWDiskGetTotal, (21) rxsHWDiskGetFree, (22) rxsGetSubDirs, (23) rxsGetServerDBPathName, (24) rxsSetServerOptions, (25) rxsDeleteFile, (26) rxsACIManageSend, (27) rxcReadBackupSetList, (28) rxcWriteConfigInfo, (29) rxcSetAssetManagement, (30) rxcWriteFileListForRestore, (31) rxcReadSaveSetProfile, (32) rxcInitSaveSetProfile, (33) rxcAddSaveSetNextAppList, (34) rxcAddSaveSetNextFilesPathList, (35) rxcAddNextBackupSetIncWildCard, (36) rxcGetRevisions, (37) rxrAddMovedUser, (38) rxrSetClientVersion, or (39) rxsSetDataGrowthScheduleAndFilter commands.",
    "id": "GSD-2007-3216",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2007-3216"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2007-3216"
      ],
      "details": "Multiple buffer overflows in the LGServer component of CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.1 allow remote attackers to execute arbitrary code via crafted arguments to the (1) rxsAddNewUser, (2) rxsSetUserInfo, (3) rxsRenameUser, (4) rxsSetMessageLogSettings, (5) rxsExportData, (6) rxsSetServerOptions, (7) rxsRenameFile, (8) rxsACIManageSend, (9) rxsExportUser, (10) rxsImportUser, (11) rxsMoveUserData, (12) rxsUseLicenseIni, (13) rxsLicGetSiteId, (14) rxsGetLogFileNames, (15) rxsGetBackupLog, (16) rxsBackupComplete, (17) rxsSetDataProtectionSecurityData, (18) rxsSetDefaultConfigName, (19) rxsGetMessageLogSettings, (20) rxsHWDiskGetTotal, (21) rxsHWDiskGetFree, (22) rxsGetSubDirs, (23) rxsGetServerDBPathName, (24) rxsSetServerOptions, (25) rxsDeleteFile, (26) rxsACIManageSend, (27) rxcReadBackupSetList, (28) rxcWriteConfigInfo, (29) rxcSetAssetManagement, (30) rxcWriteFileListForRestore, (31) rxcReadSaveSetProfile, (32) rxcInitSaveSetProfile, (33) rxcAddSaveSetNextAppList, (34) rxcAddSaveSetNextFilesPathList, (35) rxcAddNextBackupSetIncWildCard, (36) rxcGetRevisions, (37) rxrAddMovedUser, (38) rxrSetClientVersion, or (39) rxsSetDataGrowthScheduleAndFilter commands.",
      "id": "GSD-2007-3216",
      "modified": "2023-12-13T01:21:42.012685Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2007-3216",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Multiple buffer overflows in the LGServer component of CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.1 allow remote attackers to execute arbitrary code via crafted arguments to the (1) rxsAddNewUser, (2) rxsSetUserInfo, (3) rxsRenameUser, (4) rxsSetMessageLogSettings, (5) rxsExportData, (6) rxsSetServerOptions, (7) rxsRenameFile, (8) rxsACIManageSend, (9) rxsExportUser, (10) rxsImportUser, (11) rxsMoveUserData, (12) rxsUseLicenseIni, (13) rxsLicGetSiteId, (14) rxsGetLogFileNames, (15) rxsGetBackupLog, (16) rxsBackupComplete, (17) rxsSetDataProtectionSecurityData, (18) rxsSetDefaultConfigName, (19) rxsGetMessageLogSettings, (20) rxsHWDiskGetTotal, (21) rxsHWDiskGetFree, (22) rxsGetSubDirs, (23) rxsGetServerDBPathName, (24) rxsSetServerOptions, (25) rxsDeleteFile, (26) rxsACIManageSend, (27) rxcReadBackupSetList, (28) rxcWriteConfigInfo, (29) rxcSetAssetManagement, (30) rxcWriteFileListForRestore, (31) rxcReadSaveSetProfile, (32) rxcInitSaveSetProfile, (33) rxcAddSaveSetNextAppList, (34) rxcAddSaveSetNextFilesPathList, (35) rxcAddNextBackupSetIncWildCard, (36) rxcGetRevisions, (37) rxrAddMovedUser, (38) rxrSetClientVersion, or (39) rxsSetDataGrowthScheduleAndFilter commands."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "24348",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/24348"
          },
          {
            "name": "brightstor-unspecified-code-execution(34805)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34805"
          },
          {
            "name": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/bsabld-securitynotice.asp",
            "refsource": "CONFIRM",
            "url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/bsabld-securitynotice.asp"
          },
          {
            "name": "25606",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/25606"
          },
          {
            "name": "1018216",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1018216"
          },
          {
            "name": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35673",
            "refsource": "CONFIRM",
            "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35673"
          },
          {
            "name": "35329",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/35329"
          },
          {
            "name": "20070920 CA ARCServe Backup for Laptops and Desktops Multiple Buffer Overflow Vulnerabilities",
            "refsource": "IDEFENSE",
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599"
          },
          {
            "name": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006",
            "refsource": "CONFIRM",
            "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"
          },
          {
            "name": "20070921 [CAID 35673, 35674, 35675, 35676, 35677]: CA ARCserve Backup for Laptops and Desktops Multiple Server Vulnerabilities",
            "refsource": "BUGTRAQ",
            "url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"
          },
          {
            "name": "ADV-2007-2121",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/2121"
          },
          {
            "name": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp",
            "refsource": "CONFIRM",
            "url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"
          },
          {
            "name": "20070920 Multiple Vulnerabilities in CA ARCserve for Laptops \u0026 Desktops",
            "refsource": "EEYE",
            "url": "http://research.eeye.com/html/advisories/published/AD20070920.html"
          },
          {
            "name": "1018728",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1018728"
          },
          {
            "name": "http://research.eeye.com/html/advisories/upcoming/20070604.html",
            "refsource": "MISC",
            "url": "http://research.eeye.com/html/advisories/upcoming/20070604.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-3216"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Multiple buffer overflows in the LGServer component of CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.1 allow remote attackers to execute arbitrary code via crafted arguments to the (1) rxsAddNewUser, (2) rxsSetUserInfo, (3) rxsRenameUser, (4) rxsSetMessageLogSettings, (5) rxsExportData, (6) rxsSetServerOptions, (7) rxsRenameFile, (8) rxsACIManageSend, (9) rxsExportUser, (10) rxsImportUser, (11) rxsMoveUserData, (12) rxsUseLicenseIni, (13) rxsLicGetSiteId, (14) rxsGetLogFileNames, (15) rxsGetBackupLog, (16) rxsBackupComplete, (17) rxsSetDataProtectionSecurityData, (18) rxsSetDefaultConfigName, (19) rxsGetMessageLogSettings, (20) rxsHWDiskGetTotal, (21) rxsHWDiskGetFree, (22) rxsGetSubDirs, (23) rxsGetServerDBPathName, (24) rxsSetServerOptions, (25) rxsDeleteFile, (26) rxsACIManageSend, (27) rxcReadBackupSetList, (28) rxcWriteConfigInfo, (29) rxcSetAssetManagement, (30) rxcWriteFileListForRestore, (31) rxcReadSaveSetProfile, (32) rxcInitSaveSetProfile, (33) rxcAddSaveSetNextAppList, (34) rxcAddSaveSetNextFilesPathList, (35) rxcAddNextBackupSetIncWildCard, (36) rxcGetRevisions, (37) rxrAddMovedUser, (38) rxrSetClientVersion, or (39) rxsSetDataGrowthScheduleAndFilter commands."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://research.eeye.com/html/advisories/upcoming/20070604.html",
              "refsource": "MISC",
              "tags": [],
              "url": "http://research.eeye.com/html/advisories/upcoming/20070604.html"
            },
            {
              "name": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/bsabld-securitynotice.asp",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/bsabld-securitynotice.asp"
            },
            {
              "name": "24348",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/24348"
            },
            {
              "name": "1018216",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1018216"
            },
            {
              "name": "25606",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/25606"
            },
            {
              "name": "20070920 Multiple Vulnerabilities in CA ARCserve for Laptops \u0026 Desktops",
              "refsource": "EEYE",
              "tags": [],
              "url": "http://research.eeye.com/html/advisories/published/AD20070920.html"
            },
            {
              "name": "20070920 CA ARCServe Backup for Laptops and Desktops Multiple Buffer Overflow Vulnerabilities",
              "refsource": "IDEFENSE",
              "tags": [],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599"
            },
            {
              "name": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"
            },
            {
              "name": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"
            },
            {
              "name": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35673",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35673"
            },
            {
              "name": "1018728",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id?1018728"
            },
            {
              "name": "35329",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://osvdb.org/35329"
            },
            {
              "name": "ADV-2007-2121",
              "refsource": "VUPEN",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2121"
            },
            {
              "name": "brightstor-unspecified-code-execution(34805)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34805"
            },
            {
              "name": "20070921 [CAID 35673, 35674, 35675, 35676, 35677]: CA ARCserve Backup for Laptops and Desktops Multiple Server Vulnerabilities",
              "refsource": "BUGTRAQ",
              "tags": [],
              "url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2021-04-07T18:21Z",
      "publishedDate": "2007-06-14T22:30Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2007-3216 (GCVE-0-2007-3216)

FKIE_CVE-2007-3216

CERTA-2007-AVI-415

Description

Solution

CERTA-2007-AVI-415

Description

Solution

GHSA-QJF7-69W3-45MH

GSD-2007-3216

Tags

Sightings

Nomenclature