CVE-2007-3216
Summary
| CVE | CVE-2007-3216 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2007-06-14 22:30:00 UTC |
| Updated | 2021-04-07 18:21:00 UTC |
| Description | Multiple buffer overflows in the LGServer component of CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.1 allow remote attackers to execute arbitrary code via crafted arguments to the (1) rxsAddNewUser, (2) rxsSetUserInfo, (3) rxsRenameUser, (4) rxsSetMessageLogSettings, (5) rxsExportData, (6) rxsSetServerOptions, (7) rxsRenameFile, (8) rxsACIManageSend, (9) rxsExportUser, (10) rxsImportUser, (11) rxsMoveUserData, (12) rxsUseLicenseIni, (13) rxsLicGetSiteId, (14) rxsGetLogFileNames, (15) rxsGetBackupLog, (16) rxsBackupComplete, (17) rxsSetDataProtectionSecurityData, (18) rxsSetDefaultConfigName, (19) rxsGetMessageLogSettings, (20) rxsHWDiskGetTotal, (21) rxsHWDiskGetFree, (22) rxsGetSubDirs, (23) rxsGetServerDBPathName, (24) rxsSetServerOptions, (25) rxsDeleteFile, (26) rxsACIManageSend, (27) rxcReadBackupSetList, (28) rxcWriteConfigInfo, (29) rxcSetAssetManagement, (30) rxcWriteFileListForRestore, (31) rxcReadSaveSetProfile, (32) rxcInitSaveSetProfile, (33) rxcAddSaveSetNextAppList, (34) rxcAddSaveSetNextFilesPathList, (35) rxcAddNextBackupSetIncWildCard, (36) rxcGetRevisions, (37) rxrAddMovedUser, (38) rxrSetClientVersion, or (39) rxsSetDataGrowthScheduleAndFilter commands. |
Risk And Classification
Problem Types: CWE-119
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Broadcom | Brightstor Arcserve Backup Laptops Desktops | 11.1 | All | All | All |
| Application | Ca | Brightstor Arcserve Backup Laptops Desktops | 11.1 | All | All | All |
| Application | Ca | Brightstor Arcserve Backup Laptops Desktops | 11.1 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| CA ARCserve Backup for Laptops and Desktops LGServer service multiple vulnerabilities - CA | CONFIRM | www.ca.com | Vendor Advisory |
| SecurityTracker.com Archives - BrightStor ARCserve for Laptops and Desktops Lets Remote Users Execute Arbitrary Code | SECTRACK | www.securitytracker.com | |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| Resources | BeyondTrust | EEYE | research.eeye.com | |
| SecurityTracker: CA ARCserve Bugs Let Remote Users Execute Arbitrary Code, Bypass Authentication, and Deny Service | SECTRACK | www.securitytracker.com | |
| Resources | BeyondTrust | MISC | research.eeye.com | |
| CA ARCserve Backup for Laptops & Desktops Multiple Vulnerabilities - Advisories - Secunia | SECUNIA | secunia.com | Vendor Advisory |
| Computer Associates ARCserve Backup Multiple Remote Buffer Overflow Vulnerabilities | BID | www.securityfocus.com | |
| CA ARCserve Backup for Laptops and Desktops Multiple Server Vulnerabilities - CA | CONFIRM | www.ca.com | Vendor Advisory |
| supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp | CONFIRM | supportconnectw.ca.com | |
| 35329 | OSVDB | osvdb.org | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | Vendor Advisory |
| supportconnectw.ca.com/public/sams/lifeguard/infodocs/bsabld-securitynotice.asp | CONFIRM | supportconnectw.ca.com | |
| 20070920 CA ARCServe Backup for Laptops and Desktops Multiple Buffer Overflow Vulnerabilities | IDEFENSE | labs.idefense.com | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.