CVE-2007-0169

Sažetak

Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Server/Business Protection Suite r2 allow remote attackers to execute arbitrary code via RPC requests with crafted data for opnums (1) 0x2F and (2) 0x75 in the (a) Message Engine RPC service, or opnum (3) 0xCF in the Tape Engine service.

Reference

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=467
http://osvdb.org/31327
http://secunia.com/advisories/23648
http://securitytracker.com/id?1017506
http://supportconnectw.ca.com/public/storage/infodocs/babimpsec-notice.asp
http://www.kb.cert.org/vuls/id/151032
http://www.kb.cert.org/vuls/id/180336
http://www.securityfocus.com/archive/1/456618/100/0/threaded
http://www.securityfocus.com/archive/1/456619/100/0/threaded
http://www.securityfocus.com/archive/1/456711
http://www.securityfocus.com/bid/22005
http://www.securityfocus.com/bid/22006
http://www.vupen.com/english/advisories/2007/0154
http://www.zerodayinitiative.com/advisories/ZDI-07-003.html
http://www.zerodayinitiative.com/advisories/ZDI-07-004.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/31433
https://exchange.xforce.ibmcloud.com/vulnerabilities/31443

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

07-04-2021 - 18:53

Objavljeno

11-01-2007 - 22:28