Computer Associates BrightStor ARCserve Backup LGSERVER.EXE Denial Of Service Vulnerability
BID:22339
Info
Computer Associates BrightStor ARCserve Backup LGSERVER.EXE Denial Of Service Vulnerability
| Bugtraq ID: | 22339 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2007-0672 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 11 2007 12:00AM |
| Updated: | May 12 2015 07:34PM |
| Credit: | Mark Litchfield and John Heasman are credited with the discovery of this issue. |
| Vulnerable: |
Computer Associates Desktop Protection Suite 2.0 Computer Associates Desktop Management Suite 11.1 Computer Associates Business Protection Suite for Microsoft SBS Std Ed r2 Computer Associates Business Protection Suite for Microsoft SBS Pre ed r2 Computer Associates Business Protection Suite 2.0 Computer Associates ARCserve Backup for Laptops and Desktops 11.1 SP1 Computer Associates ARCserve Backup for Laptops and Desktops 11.1 Computer Associates ARCserve Backup for Laptops and Desktops 11.0 |
| Not Vulnerable: | |
Discussion
Computer Associates BrightStor ARCserve Backup LGSERVER.EXE Denial Of Service Vulnerability
Computer Associates BrightStor ARCserve Backup is affected by a denial-of-service vulnerability because the application mishandles unexpected user-supplied input.
A remote attacker may exploit this issue to cause denial-of-service conditions.
Computer Associates BrightStor ARCserve Backup is affected by a denial-of-service vulnerability because the application mishandles unexpected user-supplied input.
A remote attacker may exploit this issue to cause denial-of-service conditions.
Exploit / POC
Computer Associates BrightStor ARCserve Backup LGSERVER.EXE Denial Of Service Vulnerability
To exploit this issue, attackers can use readily available tools for creating network packets.
To exploit this issue, attackers can use readily available tools for creating network packets.
Solution / Fix
Computer Associates BrightStor ARCserve Backup LGSERVER.EXE Denial Of Service Vulnerability
Solution:
The vendor released an advisory and fixes to address this issue. Please see the references for more information.
Computer Associates ARCserve Backup for Laptops and Desktops 11.1
Computer Associates ARCserve Backup for Laptops and Desktops 11.0
Solution:
The vendor released an advisory and fixes to address this issue. Please see the references for more information.
Computer Associates ARCserve Backup for Laptops and Desktops 11.1
-
Computer Associates QI85497
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO83 833
Computer Associates ARCserve Backup for Laptops and Desktops 11.0
-
Computer Associates QO83833
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO83 833 -
Computer Associates QO85402
http://supportconnect.ca.com/sc/redir.jsp?reqPage=search&searchID=QO85 402
References
Computer Associates BrightStor ARCserve Backup LGSERVER.EXE Denial Of Service Vulnerability
References:
References:
- BrightStor ARCserve Backup Product Page (Computer Associates)
- Remote Unauthenticated Resource Exhaustion CA Mobile BackupService (NGS Software Insight Security Research)
- Important Security Notice for BrightStor ARCserve Backup for Laptops & Desktops (Computer Associates)