CVE-2007-0169
Summary
| CVE | CVE-2007-0169 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2007-01-11 22:28:00 UTC |
| Updated | 2021-04-07 18:53:00 UTC |
| Description | Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Server/Business Protection Suite r2 allow remote attackers to execute arbitrary code via RPC requests with crafted data for opnums (1) 0x2F and (2) 0x75 in the (a) Message Engine RPC service, or opnum (3) 0xCF in the Tape Engine service. |
Risk And Classification
Problem Types: CWE-119
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Broadcom | Brightstor Arcserve Backup | 9.01 | All | All | All |
| Application | Broadcom | Brightstor Arcserve Backup | All | All | All | All |
| Application | Broadcom | Brightstor Enterprise Backup | 10.5 | All | All | All |
| Application | Broadcom | Business Protection Suite | 2.0 | All | All | All |
| Application | Ca | Brightstor Arcserve Backup | 9.01 | All | All | All |
| Application | Ca | Brightstor Arcserve Backup | 9.01 | All | All | All |
| Application | Ca | Brightstor Arcserve Backup | All | All | All | All |
| Application | Ca | Brightstor Enterprise Backup | 10.5 | All | All | All |
| Application | Ca | Brightstor Enterprise Backup | 10.5 | All | All | All |
| Application | Ca | Business Protection Suite | 2.0 | All | All | All |
| Application | Ca | Business Protection Suite | 2.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| ZDI-07-004 | MISC | www.zerodayinitiative.com | Exploit |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| CA BrightStor ARCserve Backup Tape Engine TCP 6502 Remote Buffer Overflow Vulnerability | BID | www.securityfocus.com | |
| CA BrightStor ARCserve Backup Multiple Vulnerabilities - Advisories - Secunia | SECUNIA | secunia.com | Vendor Advisory |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| ZDI-07-003 | MISC | www.zerodayinitiative.com | Exploit |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| supportconnectw.ca.com/public/storage/infodocs/babimpsec-notice.asp | CONFIRM | supportconnectw.ca.com | Patch |
| SecurityTracker.com Archives - BrightStor ARCserve Backup Bugs in Tape Engine, Mediasvr, and ASCORE.DLL Let Remote Users Execute Arbitrary Code | SECTRACK | securitytracker.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | Vendor Advisory |
| US-CERT Vulnerability Note VU#180336 | CERT-VN | www.kb.cert.org | US Government Resource |
| 20070111 Computer Associates BrightStor ARCserve Backup RPC Engine PFC Request Buffer Overflow Vulnerability | IDEFENSE | labs.idefense.com | |
| US-CERT Vulnerability Note VU#151032 | CERT-VN | www.kb.cert.org | US Government Resource |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| 31327 | OSVDB | osvdb.org | |
| CA BrightStor ARCserve Backup Message Engine/Tape Engine Remote Buffer Overflow Vulnerability | BID | www.securityfocus.com | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.