CVE-2007-0449
CA BrightStor ARCserve - 'lgserver.exe' Remote Stack Overflow
Severity Score
10.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
4
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Multiple buffer overflows in LGSERVER.EXE in CA BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.1 SP1, Mobile Backup r4.0, Desktop and Business Protection Suite r2, and Desktop Management Suite (DMS) r11.0 and r11.1 allow remote attackers to execute arbitrary code via crafted packets to TCP port (1) 1900 or (2) 2200.
Múltiples desbordamientos de búfer en el archivo LGSERVER.EXE en CA BrightStor ARCserve Backup para Ordenadores Portátiles y de Escritorio versión r11.0 hasta versión r11.1 SP1, Mobile Backup versión r4.0, Desktop and Business Protection Suite versión r2 y Desktop Management Suite (DMS) versiones r11.0 y r11.1 permiten a los atacantes remotos ejecutar código arbitrario por medio de la creación de paquetes hacia los puertos TCP (1) 1900 o (2) 2200.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-01-23 CVE Reserved
- 2007-01-23 CVE Published
- 2007-01-27 First Exploit
- 2024-08-04 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (20)
| URL | Tag | Source |
|---|---|---|
| http://securitytracker.com/id?1017548 | Vdb Entry | |
| http://www.kb.cert.org/vuls/id/357308 | Third Party Advisory |
|
| http://www.kb.cert.org/vuls/id/611276 | Third Party Advisory |
|
| http://www.osvdb.org/31593 | Vdb Entry | |
| http://www.securityfocus.com/archive/1/457945/30/8460/threaded | Mailing List | |
| http://www.securityfocus.com/archive/1/458644/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/archive/1/458648/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/bid/22199 | Vdb Entry | |
| http://www.securityfocus.com/bid/22340 | Vdb Entry | |
| http://www.securityfocus.com/bid/22342 | Vdb Entry | |
| http://www3.ca.com/securityadvisor/newsinfo/collateral.aspx?cid=97696 | X_refsource_confirm | |
| http://www3.ca.com/securityadvisor/vulninfo/Vuln.aspx?ID=34993 | X_refsource_confirm | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/31704 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/3244 | 2007-02-01 | |
| https://www.exploit-db.com/exploits/3211 | 2007-01-27 | |
| https://www.exploit-db.com/exploits/3218 | 2007-01-28 | |
| https://www.exploit-db.com/exploits/16400 | 2010-05-09 |
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/23897 | 2021-04-08 | |
| http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp | 2021-04-08 |
| URL | Date | SRC |
|---|---|---|
| http://www.vupen.com/english/advisories/2007/0314 | 2021-04-08 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Broadcom Search vendor "Broadcom" | Brightstor Arcserve Backup Laptops Desktops Search vendor "Broadcom" for product "Brightstor Arcserve Backup Laptops Desktops" | 11.0 Search vendor "Broadcom" for product "Brightstor Arcserve Backup Laptops Desktops" and version "11.0" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Brightstor Arcserve Backup Laptops Desktops Search vendor "Broadcom" for product "Brightstor Arcserve Backup Laptops Desktops" | 11.1 Search vendor "Broadcom" for product "Brightstor Arcserve Backup Laptops Desktops" and version "11.1" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Brightstor Arcserve Backup Laptops Desktops Search vendor "Broadcom" for product "Brightstor Arcserve Backup Laptops Desktops" | 11.1 Search vendor "Broadcom" for product "Brightstor Arcserve Backup Laptops Desktops" and version "11.1" | sp1 |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Brightstor Mobile Backup Search vendor "Broadcom" for product "Brightstor Mobile Backup" | r4.0 Search vendor "Broadcom" for product "Brightstor Mobile Backup" and version "r4.0" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Business Protection Suite Search vendor "Broadcom" for product "Business Protection Suite" | 2.0 Search vendor "Broadcom" for product "Business Protection Suite" and version "2.0" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Desktop Management Suite Search vendor "Broadcom" for product "Desktop Management Suite" | 11.0 Search vendor "Broadcom" for product "Desktop Management Suite" and version "11.0" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Desktop Management Suite Search vendor "Broadcom" for product "Desktop Management Suite" | 11.1 Search vendor "Broadcom" for product "Desktop Management Suite" and version "11.1" | - |
Affected
| ||||||
| Broadcom Search vendor "Broadcom" | Desktop Protection Suite Search vendor "Broadcom" for product "Desktop Protection Suite" | 2.0 Search vendor "Broadcom" for product "Desktop Protection Suite" and version "2.0" | - |
Affected
| ||||||