CVE-2007-0169 : Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup

Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Server/Business Protection Suite r2 allow remote attackers to execute arbitrary code via RPC requests with crafted data for opnums (1) 0x2F and (2) 0x75 in the (a) Message Engine RPC service, or opnum (3) 0xCF in the Tape Engine service.

Published 2007-01-11 22:28:00

Updated 2025-04-09 00:30:58

Source MITRE

View at NVD, CVE.org

Vulnerability category: Execute code

Products affected by CVE-2007-0169

Broadcom » Brightstor Arcserve Backup
Versions up to, including, (<=) 11.5
cpe:2.3:a:broadcom:brightstor_arcserve_backup:*:*:*:*:*:*:*:*
Matching versions
Broadcom » Brightstor Arcserve Backup » Version: 9.01
cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*
Matching versions
Broadcom » Brightstor Enterprise Backup » Version: 10.5
cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*
Matching versions
Broadcom » Business Protection Suite » Version: 2.0
cpe:2.3:a:broadcom:business_protection_suite:2.0:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2007-0169

EPSS FAQ

75.59%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 99 %

Percentile, the proportion of vulnerabilities that are scored at or less

Metasploit modules for CVE-2007-0169

CA BrightStor ARCserve Message Engine Buffer Overflow

Disclosure Date: 2007-01-11

First seen: 2020-04-26

exploit/windows/brightstor/message_engine

This module exploits a buffer overflow in Computer Associates BrightStor ARCserve Backup 11.1 - 11.5 SP2. By sending a specially crafted RPC request, an attacker could overflow the buffer and execute arbitrary code. Authors: - MC <mc@metasploit.com> - aushack <p

More information

CVSS scores for CVE-2007-0169

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P	10.0	6.4	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

CWE ids for CVE-2007-0169

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2007-0169

http://www.securityfocus.com/archive/1/456618/100/0/threaded
http://www.zerodayinitiative.com/advisories/ZDI-07-003.html

Exploit
http://supportconnectw.ca.com/public/storage/infodocs/babimpsec-notice.asp

Patch

CVEs referencing this url
http://www.securityfocus.com/archive/1/456619/100/0/threaded
http://www.kb.cert.org/vuls/id/180336

US Government Resource
http://osvdb.org/31327

CVEs referencing this url
http://secunia.com/advisories/23648

Vendor Advisory

CVEs referencing this url
http://www.securityfocus.com/bid/22005

CA BrightStor ARCserve Backup Message Engine/Tape Engine Remote Buffer Overflow Vulnerability
http://securitytracker.com/id?1017506

CVEs referencing this url
https://exchange.xforce.ibmcloud.com/vulnerabilities/31443
http://www.zerodayinitiative.com/advisories/ZDI-07-004.html

Exploit
http://www.vupen.com/english/advisories/2007/0154

Vendor Advisory

CVEs referencing this url
https://exchange.xforce.ibmcloud.com/vulnerabilities/31433
http://www.securityfocus.com/bid/22006
http://www.securityfocus.com/archive/1/456711

CVEs referencing this url
http://www.kb.cert.org/vuls/id/151032

US Government Resource
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=467

Jump to