Vulnerability Details : CVE-2007-2139
Multiple stack-based buffer overflows in the SUN RPC service in CA (formerly Computer Associates) BrightStor ARCserve Media Server, as used in BrightStor ARCserve Backup 9.01 through 11.5 SP2, BrightStor Enterprise Backup 10.5, Server Protection Suite 2, and Business Protection Suite 2, allow remote attackers to execute arbitrary code via malformed RPC strings, a different vulnerability than CVE-2006-5171, CVE-2006-5172, and CVE-2007-1785.
Vulnerability category: Execute code
At least one public exploit which can be used to exploit this vulnerability exists!
Exploit prediction scoring system (EPSS) score for CVE-2007-2139
Probability of exploitation activity in the next 30 days: 95.53%
Metasploit modules for CVE-2007-2139
CA BrightStor ArcServe Media Service Stack Buffer OverflowDisclosure Date : 2007-04-25exploit/windows/brightstor/mediasrv_sunrpcThis exploit targets a stack buffer overflow in the MediaSrv RPC service of CA BrightStor ARCserve. By sending a specially crafted SUNRPC request, an attacker can overflow a stack buffer and execute arbitrary code. Authors: - toto
CVSS scores for CVE-2007-2139
|Base Score||Base Severity||CVSS Vector||Exploitability Score||Impact Score||Source|
References for CVE-2007-2139
US Government Resource
Products affected by CVE-2007-2139