CVE-2007-0672
First published: Sat Feb 03 2007(Updated: )
LGSERVER.EXE in BrightStor Mobile Backup 4.0 allows remote attackers to cause a denial of service (disk consumption and daemon hang) via a value of 0xFFFFFF7F at a certain point in an authentication negotiation packet, which writes a large amount of data to a .USX file in CA_BABLDdata\Server\data\transfer\.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Broadcom Business Protection Suite | =2.0 | |
| Broadcom Business Protection Suite | =2.0 | |
| CA ARCserve Backup for Laptops and Desktops | =11.0 | |
| CA ARCserve Backup for Laptops and Desktops | =11.1 | |
| CA ARCserve Backup for Laptops and Desktops | =11.1-sp1 | |
| Broadcom Business Protection Suite | =2.0 | |
| Broadcom Desktop Management Suite | =11.0 | |
| Broadcom Desktop Management Suite | =11.1 | |
| Broadcom Desktop Protection Suite | =2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2007-0672?
CVE-2007-0672 is classified as a denial of service vulnerability that can cause disk consumption and daemon hang.
How do I fix CVE-2007-0672?
To mitigate CVE-2007-0672, you should update to the latest version of BrightStor Mobile Backup or apply any available security patches.
Which software is affected by CVE-2007-0672?
CVE-2007-0672 affects BrightStor Mobile Backup 4.0 and various versions of Broadcom products including BrightStor ARCserve Backup and Business Protection Suite.
Can CVE-2007-0672 be exploited remotely?
Yes, CVE-2007-0672 can be exploited by remote attackers during authentication negotiation.
What happens if CVE-2007-0672 is exploited?
Exploiting CVE-2007-0672 can lead to a denial of service by consuming disk space and causing the backup daemon to hang.
- agent/type
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/last-modified-date
- agent/event
- agent/description
- agent/first-publish-date
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/ca
- canonical/broadcom business protection suite
- version/broadcom business protection suite/2.0
- vendor/broadcom
- canonical/ca arcserve backup for laptops and desktops
- version/ca arcserve backup for laptops and desktops/11.0
- version/ca arcserve backup for laptops and desktops/11.1
- version/ca arcserve backup for laptops and desktops/11.1-sp1
- canonical/broadcom desktop management suite
- version/broadcom desktop management suite/11.0
- version/broadcom desktop management suite/11.1
- canonical/broadcom desktop protection suite
- version/broadcom desktop protection suite/2.0