Vulnerability Details : CVE-2007-3216
Public exploit exists!
Multiple buffer overflows in the LGServer component of CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.1 allow remote attackers to execute arbitrary code via crafted arguments to the (1) rxsAddNewUser, (2) rxsSetUserInfo, (3) rxsRenameUser, (4) rxsSetMessageLogSettings, (5) rxsExportData, (6) rxsSetServerOptions, (7) rxsRenameFile, (8) rxsACIManageSend, (9) rxsExportUser, (10) rxsImportUser, (11) rxsMoveUserData, (12) rxsUseLicenseIni, (13) rxsLicGetSiteId, (14) rxsGetLogFileNames, (15) rxsGetBackupLog, (16) rxsBackupComplete, (17) rxsSetDataProtectionSecurityData, (18) rxsSetDefaultConfigName, (19) rxsGetMessageLogSettings, (20) rxsHWDiskGetTotal, (21) rxsHWDiskGetFree, (22) rxsGetSubDirs, (23) rxsGetServerDBPathName, (24) rxsSetServerOptions, (25) rxsDeleteFile, (26) rxsACIManageSend, (27) rxcReadBackupSetList, (28) rxcWriteConfigInfo, (29) rxcSetAssetManagement, (30) rxcWriteFileListForRestore, (31) rxcReadSaveSetProfile, (32) rxcInitSaveSetProfile, (33) rxcAddSaveSetNextAppList, (34) rxcAddSaveSetNextFilesPathList, (35) rxcAddNextBackupSetIncWildCard, (36) rxcGetRevisions, (37) rxrAddMovedUser, (38) rxrSetClientVersion, or (39) rxsSetDataGrowthScheduleAndFilter commands.
Vulnerability category: OverflowExecute code
Products affected by CVE-2007-3216
- cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2007-3216
95.45%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 99 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2007-3216
-
CA BrightStor ARCserve for Laptops and Desktops LGServer Multiple Commands Buffer Overflow
Disclosure Date: 2007-06-06First seen: 2020-04-26exploit/windows/brightstor/lgserver_multiThis module exploits a stack buffer overflow in Computer Associates BrightStor ARCserve Backup for Laptops & Desktops 11.1. By sending a specially crafted request to multiple commands, an attacker could overflow the buffer and execute arbitrary code. Authors: - MC -
CA BrightStor ARCserve for Laptops and Desktops LGServer Buffer Overflow
Disclosure Date: 2007-06-06First seen: 2020-04-26exploit/windows/brightstor/lgserver_rxsuselicenseiniThis module exploits a stack buffer overflow in Computer Associates BrightStor ARCserve Backup for Laptops & Desktops 11.1. By sending a specially crafted request (rxsUseLicenseIni), an attacker could overflow the buffer and execute arbitrary code. Authors: - MC < -
CA BrightStor ARCserve for Laptops and Desktops LGServer rxsSetDataGrowthScheduleAndFilter Buffer Ov
Disclosure Date: 2007-06-06First seen: 2020-04-26exploit/windows/brightstor/lgserver_rxssetdatagrowthscheduleandfilterThis module exploits a stack buffer overflow in Computer Associates BrightStor ARCserve Backup for Laptops & Desktops 11.1. By sending a specially crafted request (rxsSetDataGrowthScheduleAndFilter), an attacker could overflow the buffer and execute arbitrary code.
CVSS scores for CVE-2007-3216
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
CWE ids for CVE-2007-3216
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2007-3216
-
http://research.eeye.com/html/advisories/published/AD20070920.html
-
http://www.securityfocus.com/archive/1/480252/100/100/threaded
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/34805
-
http://research.eeye.com/html/advisories/upcoming/20070604.html
-
http://www.securitytracker.com/id?1018216
-
http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35673
Vendor Advisory
-
http://www.vupen.com/english/advisories/2007/2121
Vendor Advisory
-
http://www.securityfocus.com/bid/24348
Computer Associates ARCserve Backup Multiple Remote Buffer Overflow Vulnerabilities
-
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599
-
http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp
-
http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/bsabld-securitynotice.asp
-
http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006
Vendor Advisory
-
http://www.securitytracker.com/id?1018728
Jump to