CVSS: 10.0EPSS: 89%CPEs: 1EXPL: 0CVE-2007-1447
https://notcve.org/view.php?id=CVE-2007-1447
The Tape Engine in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain RPC procedure arguments, which result in memory corruption, a different vulnerability than CVE-2006-6076. El motor de cinta en CA (formalmente Computer Associates) BrightStor ARCserve Backup 11.5 y anteriores permite a atacantes remotos provocar denegación de servicio y posiblemente ejecutar código de su elección a través de ciertos argumentos de procesos RPC, lo cual deriva en una corrupción memoria, una vulnerabilidad diferente que la CVE-2006-6076. • http://secunia.com/advisories/24512 http://supportconnectw.ca.com/public/storage/infodocs/babtapeng-securitynotice.asp http://www.kb.cert.org/vuls/id/375353 http://www.osvdb.org/32990 http://www.securityfocus.com/bid/22994 http://www.securitytracker.com/id?1017783 http://www.vupen.com/english/advisories/2007/0971 http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=101317 https://exchange.xforce.ibmcloud.com/vulnerabilities/33017 •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 0CVE-2007-1448
https://notcve.org/view.php?id=CVE-2007-1448
The Tape Engine in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 and earlier allows remote attackers to cause a denial of service (disabled interface) by calling an unspecified RPC function. El motor Tape en CA (formalmente Computer Associates) BrightStor ARCserve Backup 11.5 y anteriores permite a atacantes remotos provocar una denegación de servicio (deshabilitado del interfaz) llamando a una función RPC no especificada. • http://secunia.com/advisories/24512 http://supportconnectw.ca.com/public/storage/infodocs/babtapeng-securitynotice.asp http://www.kb.cert.org/vuls/id/647273 http://www.osvdb.org/32991 http://www.securityfocus.com/bid/22994 http://www.securitytracker.com/id?1017783 http://www.vupen.com/english/advisories/2007/0971 http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=101317 https://exchange.xforce.ibmcloud.com/vulnerabilities/33020 •
CVSS: 5.0EPSS: 30%CPEs: 5EXPL: 1CVE-2007-0816 – CA BrightStor ARCserve 11.5.2.0 - 'catirpc.dll' RPC Server Denial of Service
https://notcve.org/view.php?id=CVE-2007-0816
The RPC Server service (catirpc.exe) in CA (formerly Computer Associates) BrightStor ARCserve Backup 11.5 SP2 and earlier allows remote attackers to cause a denial of service (service crash) via a crafted TADDR2UADDR that triggers a null pointer dereference in catirpc.dll, possibly related to null credentials or verifier fields. El servicio RPC Server (catirpc.exe) en CA (anteriormente Computer Associates) BrightStor ARCserve Backup versión 11.5 SP2 y anteriores, permite a atacantes remotos causar una denegación de servicio (bloqueo del servicio) por medio de un TADDR2UADDR diseñado que desencadena una desreferencia del puntero null en biblioteca catirpc.dll, posiblemente relacionada con credenciales nulas o campos de comprobación. • https://www.exploit-db.com/exploits/3248 http://osvdb.org/32989 http://secunia.com/advisories/24009 http://secunia.com/advisories/24512 http://supportconnectw.ca.com/public/storage/infodocs/babtapeng-securitynotice.asp http://www.securityfocus.com/bid/22365 http://www.vupen.com/english/advisories/2007/0461 http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=101317 http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=35058 https://exchange.xforce.ibmcloud.com/vulnerabilities&# •
CVSS: 7.8EPSS: 2%CPEs: 9EXPL: 0CVE-2007-0673
https://notcve.org/view.php?id=CVE-2007-0673
LGSERVER.EXE in BrightStor ARCserve Backup for Laptops & Desktops r11.1 allows remote attackers to cause a denial of service (daemon crash) via a value of 0xFFFFFFFF at a certain point in an authentication negotiation packet, which results in an out-of-bounds read. El archivo LGSERVER.EXE en BrightStor ARCserve Backup para Ordenadores Portátiles y de Escritorio versión r11.1 permite a los atacantes remotos causar una denegación de servicio (bloqueo del demonio) por medio de un valor de 0xFFFFFFFF en un determinado punto en un paquete de negociación de autenticación, resultando en una lectura fuera de límites. • http://osvdb.org/32948 http://securityreason.com/securityalert/2218 http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp http://www.securityfocus.com/archive/1/458650/100/0/threaded http://www.securityfocus.com/bid/22337 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 1%CPEs: 9EXPL: 0CVE-2007-0672
https://notcve.org/view.php?id=CVE-2007-0672
LGSERVER.EXE in BrightStor Mobile Backup 4.0 allows remote attackers to cause a denial of service (disk consumption and daemon hang) via a value of 0xFFFFFF7F at a certain point in an authentication negotiation packet, which writes a large amount of data to a .USX file in CA_BABLDdata\Server\data\transfer\. LGSERVER.EXE de BrightStor Mobile Backup 4.0 permite a atacantes remotos provocar una denegación de servicio (agotamiento de disco y colapso de demonio) mediante un valor 0xFFFFFF7F en un punto concreto en un paquete de negociación de autenticación, que escribe una cantidad grade de datos a un fichero . USX en CA_BABLDdata\Server\data\transfer\. • http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp http://www.securityfocus.com/archive/1/458653/100/0/threaded http://www.securityfocus.com/bid/22339 •