CVE-2007-5326: Buffer Overflow
First published: Sat Oct 13 2007(Updated: )
Multiple buffer overflows in (1) RPC and (2) rpcx.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Broadcom BrightStor ARCserve Backup | =11 | |
| Broadcom Business Protection Suite | =2.0 | |
| Broadcom Business Protection Suite | =2.0 | |
| CA BrightStor ARCserve Backup | =11.5 | |
| CA BrightStor ARCserve Backup | =11.1 | |
| CA BrightStor ARCserve Backup | =9.01 | |
| Broadcom BrightStor Enterprise Backup | =10.5 | |
| Broadcom Business Protection Suite | =2.0 | |
| Broadcom Server Protection Suite | =2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://secunia.com/secunia_research/2007-49/advisory/
- http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp
- http://www.securityfocus.com/bid/26015
- http://www.securitytracker.com/id?1018805
- http://secunia.com/advisories/27192
- http://osvdb.org/41368
- http://www.vupen.com/english/advisories/2007/3470
- http://www.securityfocus.com/archive/1/482121/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2007-5326?
CVE-2007-5326 is considered to have a high severity due to the potential for remote code execution.
How do I fix CVE-2007-5326?
To mitigate the risk of CVE-2007-5326, users should upgrade to a patched version of CA BrightStor ARCServe Backup or Enterprise Backup.
What versions are affected by CVE-2007-5326?
CVE-2007-5326 affects CA BrightStor ARCServe BackUp versions 9.01 through 11.5, and Enterprise Backup version 10.5.
Who can exploit CVE-2007-5326?
Remote attackers can exploit CVE-2007-5326 through unspecified vectors that trigger the buffer overflow.
What are the potential consequences of CVE-2007-5326?
Exploitation of CVE-2007-5326 can lead to arbitrary code execution on the affected systems.
- agent/references
- agent/type
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/ca
- canonical/broadcom brightstor arcserve backup
- version/broadcom brightstor arcserve backup/11
- canonical/broadcom business protection suite
- version/broadcom business protection suite/2.0
- vendor/broadcom
- canonical/ca brightstor arcserve backup
- version/ca brightstor arcserve backup/11.5
- version/ca brightstor arcserve backup/11.1
- version/ca brightstor arcserve backup/9.01
- canonical/broadcom brightstor enterprise backup
- version/broadcom brightstor enterprise backup/10.5
- canonical/broadcom server protection suite
- version/broadcom server protection suite/2