Vulnerability CVE-2007-0449


Published: 2007-01-23   Modified: 2012-02-12

Description:
Multiple buffer overflows in LGSERVER.EXE in CA BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.1 SP1, Mobile Backup r4.0, Desktop and Business Protection Suite r2, and Desktop Management Suite (DMS) r11.0 and r11.1 allow remote attackers to execute arbitrary code via crafted packets to TCP port (1) 1900 or (2) 2200.

Type:

CWE-119

(Improper Restriction of Operations within the Bounds of a Memory Buffer)

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
CA -> Brightstor arcserve backup laptops desktops 
CA -> Brightstor mobile backup 
CA -> Business protection suite 
CA -> Desktop management suite 
CA -> Desktop protection suite 

 References:
http://securitytracker.com/id?1017548
http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp
http://www.kb.cert.org/vuls/id/357308
http://www.kb.cert.org/vuls/id/611276
http://www.securityfocus.com/archive/1/457945/30/8460/threaded
http://www.securityfocus.com/archive/1/458644/100/0/threaded
http://www.securityfocus.com/archive/1/458648/100/0/threaded
http://www.securityfocus.com/bid/22199
http://www.securityfocus.com/bid/22340
http://www.securityfocus.com/bid/22342
http://www.vupen.com/english/advisories/2007/0314
http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97696
http://www3.ca.com/securityadvisor/vulninfo/Vuln.aspx?ID=34993
https://exchange.xforce.ibmcloud.com/vulnerabilities/31704

Copyright 2020, cxsecurity.com

 

Back to Top