CVE-2007-3216: Buffer Overflow
First published: Thu Jun 14 2007(Updated: )
Multiple buffer overflows in the LGServer component of CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.1 allow remote attackers to execute arbitrary code via crafted arguments to the (1) rxsAddNewUser, (2) rxsSetUserInfo, (3) rxsRenameUser, (4) rxsSetMessageLogSettings, (5) rxsExportData, (6) rxsSetServerOptions, (7) rxsRenameFile, (8) rxsACIManageSend, (9) rxsExportUser, (10) rxsImportUser, (11) rxsMoveUserData, (12) rxsUseLicenseIni, (13) rxsLicGetSiteId, (14) rxsGetLogFileNames, (15) rxsGetBackupLog, (16) rxsBackupComplete, (17) rxsSetDataProtectionSecurityData, (18) rxsSetDefaultConfigName, (19) rxsGetMessageLogSettings, (20) rxsHWDiskGetTotal, (21) rxsHWDiskGetFree, (22) rxsGetSubDirs, (23) rxsGetServerDBPathName, (24) rxsSetServerOptions, (25) rxsDeleteFile, (26) rxsACIManageSend, (27) rxcReadBackupSetList, (28) rxcWriteConfigInfo, (29) rxcSetAssetManagement, (30) rxcWriteFileListForRestore, (31) rxcReadSaveSetProfile, (32) rxcInitSaveSetProfile, (33) rxcAddSaveSetNextAppList, (34) rxcAddSaveSetNextFilesPathList, (35) rxcAddNextBackupSetIncWildCard, (36) rxcGetRevisions, (37) rxrAddMovedUser, (38) rxrSetClientVersion, or (39) rxsSetDataGrowthScheduleAndFilter commands.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Broadcom Brightstor Arcserve Backup Laptops Desktops | =11.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://research.eeye.com/html/advisories/upcoming/20070604.html
- http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/bsabld-securitynotice.asp
- http://www.securityfocus.com/bid/24348
- http://www.securitytracker.com/id?1018216
- http://secunia.com/advisories/25606
- http://research.eeye.com/html/advisories/published/AD20070920.html
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599
- http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp
- http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006
- http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35673
- http://www.securitytracker.com/id?1018728
- http://osvdb.org/35329
- http://www.vupen.com/english/advisories/2007/2121
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34805
- http://www.securityfocus.com/archive/1/480252/100/100/threaded
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- collector/nvd-historical
- collector/nvd-index
- vendor/broadcom
- canonical/broadcom brightstor arcserve backup laptops desktops
- version/broadcom brightstor arcserve backup laptops desktops/11.1