|
CA BrightStor ARCserve backup system multiple buffer overflows
updated since 25.04.2007 | | Published: |  | 17.05.2007 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 7635 | | Type: |  | remote | | Level: |  | 6/10 | | Description: |  | Multiple buffer overflows in RPC-based Media Server service. |
| Affected: |  | CA : Brightstor ARCserve Backup 11.1 | | | | CA : BrightStor ARCserve Backup 9.01 | | | | CA : BrightStor Enterprise Backup 10.5 | | | | CA : Brightstor ARCserve Backup 11.5 | | | | CA : CA Server Protection Suite 2 | | | | CA : CA Business Protection Suite 2 | | | | CA : BrightStor ARCserve Backup 11 | | CVE: |  | CVE-2007-2139 (Multiple stack-based buffer overflows in the SUN RPC service in CA (formerly Computer Associates) BrightStor ARCserve Media Server, as used in BrightStor ARCserve Backup 9.01 through 11.5 SP2, BrightStor Enterprise Backup 10.5, Server Protection Suite 2, and Business Protection Suite 2, allow remote attackers to execute arbitrary code via malformed RPC strings, a different vulnerability than CVE-2006-5171, CVE-2006-5172, and CVE-2007-1785.) | | | | CVE-2007-1785 (The RPC service in mediasvr.exe in CA BrightStor ARCserve Backup 11.5 SP2 build 4237 allows remote attackers to execute arbitrary code via crafted xdr_handle_t data in RPC packets, which is used in calculating an address for a function call, as demonstrated using the 191 (0xbf) RPC request.) |
|
|
|
|
|
