CVE-2007-2772 – CA BrightStor Backup 11.5.2.0 - 'caloggderd.exe' Denial of Service
https://notcve.org/view.php?id=CVE-2007-2772
(1) caloggerd.exe (camt70.dll) and (2) mediasvr.exe (catirpc.dll and rwxdr.dll) in CA BrightStor Backup 11.5.2.0 SP2 allow remote attackers to cause a denial of service (NULL dereference and application crash) via a crafted RPC packet.
• https://www.exploit-db.com/exploits/3939
• https://www.exploit-db.com/exploits/3940
• http://osvdb.org/35327
• http://osvdb.org/35328
• http://secunia.com/advisories/25300
• http://securityreason.com/securityalert/2727
• http://supportconnectw.ca.com/public/storage/infodocs/babmedservul-secnotice.asp
• http://www.securityfocus.com/archive/1/468784/100/0/threaded
• http://www.securitytracker.com/id?1018076
• http://www.vupen.com/english/advisories/2007/1849
• https://exchange.xforce.ibmcloud.com/
CVE-2007-2139 – CA BrightStor ArcServe Media Server Multiple Buffer Overflow Vulnerabilities
https://notcve.org/view.php?id=CVE-2007-2139
Multiple stack-based buffer overflows in the SUN RPC service in CA (formerly Computer Associates) BrightStor ARCserve Media Server, as used in BrightStor ARCserve Backup 9.01 through 11.5 SP2, BrightStor Enterprise Backup 10.5, Server Protection Suite 2, and Business Protection Suite 2, allow remote attackers to execute arbitrary code via malformed RPC strings, a different vulnerability than CVE-2006-5171, CVE-2006-5172, and CVE-2007-1785.
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Computer Associates BrightStor ARCserve Media Server. User interaction is not required to exploit this vulnerability. The specific flaw exists in the SUN RPC service which binds to a randomly chosen high TCP port.
• https://www.exploit-db.com/exploits/16413
• http://osvdb.org/35326
• http://secunia.com/advisories/24972
• http://securityreason.com/securityalert/2628
• http://supportconnectw.ca.com/public/storage/infodocs/babmedser-secnotice.asp
• http://www.kb.cert.org/vuls/id/979825
• http://www.securityfocus.com/archive/1/466790/100/0/threaded
• http://www.securityfocus.com/bid/23635
• http://www.securitytracker.com/id?1017952
• http://www.vupen.com/english/advisories/2007/1529
• http://www.zerodayinitiat
CVE-2007-1785 – CA BrightStor Backup 11.5.2.0 - 'Mediasvr.exe' Remote Code
https://notcve.org/view.php?id=CVE-2007-1785
The RPC service in mediasvr.exe in CA BrightStor ARCserve Backup 11.5 SP2 build 4237 allows remote attackers to execute arbitrary code via crafted xdr_handle_t data in RPC packets, which is used in calculating an address for a function call, as demonstrated using the 191 (0xbf) RPC request.
• https://www.exploit-db.com/exploits/3604
• http://archives.neohapsis.com/archives/fulldisclosure/2007-03/0467.html
• http://secunia.com/advisories/24682
• http://securityreason.com/securityalert/2509
• http://supportconnectw.ca.com/public/storage/infodocs/babmedser-secnotice.asp
• http://www.kb.cert.org/vuls/id/151305
• http://www.securityfocus.com/archive/1/464270/100/0/threaded
• http://www.securityfocus.com/archive/1/464343/100/0/threaded
• http://www.securityfocus.com/bid/23209
• http://www
CVE-2007-0673
https://notcve.org/view.php?id=CVE-2007-0673
LGSERVER.EXE in BrightStor ARCserve Backup for Laptops & Desktops r11.1 allows remote attackers to cause a denial of service (daemon crash) via a value of 0xFFFFFFFF at a certain point in an authentication negotiation packet, which results in an out-of-bounds read.
• http://osvdb.org/32948
• http://securityreason.com/securityalert/2218
• http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp
• http://www.securityfocus.com/archive/1/458650/100/0/threaded
• http://www.securityfocus.com/bid/22337
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-0672
https://notcve.org/view.php?id=CVE-2007-0672
LGSERVER.EXE in BrightStor Mobile Backup 4.0 allows remote attackers to cause a denial of service (disk consumption and daemon hang) via a value of 0xFFFFFF7F at a certain point in an authentication negotiation packet, which writes a large amount of data to a .USX file in CA_BABLDdata\Server\data\transfer\.
• http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp
• http://www.securityfocus.com/archive/1/458653/100/0/threaded
• http://www.securityfocus.com/bid/22339