Published: 14/06/2007 Updated: 07/04/2021

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Subscribe to Brightstor Arcserve Backup Laptops Desktops

Multiple buffer overflows in the LGServer component of CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.1 allow remote malicious users to execute arbitrary code via crafted arguments to the (1) rxsAddNewUser, (2) rxsSetUserInfo, (3) rxsRenameUser, (4) rxsSetMessageLogSettings, (5) rxsExportData, (6) rxsSetServerOptions, (7) rxsRenameFile, (8) rxsACIManageSend, (9) rxsExportUser, (10) rxsImportUser, (11) rxsMoveUserData, (12) rxsUseLicenseIni, (13) rxsLicGetSiteId, (14) rxsGetLogFileNames, (15) rxsGetBackupLog, (16) rxsBackupComplete, (17) rxsSetDataProtectionSecurityData, (18) rxsSetDefaultConfigName, (19) rxsGetMessageLogSettings, (20) rxsHWDiskGetTotal, (21) rxsHWDiskGetFree, (22) rxsGetSubDirs, (23) rxsGetServerDBPathName, (24) rxsSetServerOptions, (25) rxsDeleteFile, (26) rxsACIManageSend, (27) rxcReadBackupSetList, (28) rxcWriteConfigInfo, (29) rxcSetAssetManagement, (30) rxcWriteFileListForRestore, (31) rxcReadSaveSetProfile, (32) rxcInitSaveSetProfile, (33) rxcAddSaveSetNextAppList, (34) rxcAddSaveSetNextFilesPathList, (35) rxcAddNextBackupSetIncWildCard, (36) rxcGetRevisions, (37) rxrAddMovedUser, (38) rxrSetClientVersion, or (39) rxsSetDataGrowthScheduleAndFilter commands.

Vulnerable Product	Search on Vulmon	Subscribe to Product
broadcom brightstor arcserve backup laptops desktops 11.1

## # $Id: lgserver_multirb 10909 2010-11-04 23:59:56Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' class ...

## # $Id: $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = Aver ...

## # $Id: lgserver_rxsuselicenseinirb 10892 2010-11-03 22:09:44Z mc $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' ...

CWE-119 http://research.eeye.com/html/advisories/upcoming/20070604.html http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/bsabld-securitynotice.asp http://www.securityfocus.com/bid/24348 http://www.securitytracker.com/id?1018216 http://secunia.com/advisories/25606 http://research.eeye.com/html/advisories/published/AD20070920.html http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599 http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35673 http://www.securitytracker.com/id?1018728 http://osvdb.org/35329 http://www.vupen.com/english/advisories/2007/2121 https://exchange.xforce.ibmcloud.com/vulnerabilities/34805 http://www.securityfocus.com/archive/1/480252/100/100/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/16416/

CVE-2007-3216

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect