Lucene search

MitreCVE-2007-0672

HistoryFeb 03, 2007 - 1:28 a.m.

CVE-2007-0672

2007-02-0301:28:00

mitre

web.nvd.nist.gov

lgserver.exe

brightstor mobile backup 4.0

denial of service

disk consumption

daemon hang

remote attackers

cve-2007-0672

nvd

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.8

Confidence

High

EPSS

0.013

Percentile

86.0%

JSON

LGSERVER.EXE in BrightStor Mobile Backup 4.0 allows remote attackers to cause a denial of service (disk consumption and daemon hang) via a value of 0xFFFFFF7F at a certain point in an authentication negotiation packet, which writes a large amount of data to a .USX file in CA_BABLDdata\Server\data\transfer.

Affected configurations

Nvd

Node

broadcombrightstor_arcserve_backup_laptops_desktopsMatch11.0

broadcombrightstor_arcserve_backup_laptops_desktopsMatch11.1

broadcombrightstor_arcserve_backup_laptops_desktopsMatch11.1sp1

broadcombusiness_protection_suiteMatch2.0

broadcomdesktop_management_suiteMatch11.0

broadcomdesktop_management_suiteMatch11.1

broadcomdesktop_protection_suiteMatch2.0

cabusiness_protection_suiteMatch2.0microsoft_sbs_premium

cabusiness_protection_suiteMatch2.0microsoft_sbs_standard

VendorProductVersionCPE
broadcombrightstor_arcserve_backup_laptops_desktops11.0cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.0:*:*:*:*:*:*:*
broadcombrightstor_arcserve_backup_laptops_desktops11.1cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:*:*:*:*:*:*:*
broadcombrightstor_arcserve_backup_laptops_desktops11.1cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:sp1:*:*:*:*:*:*
broadcombusiness_protection_suite2.0cpe:2.3:a:broadcom:business_protection_suite:2.0:*:*:*:*:*:*:*
broadcomdesktop_management_suite11.0cpe:2.3:a:broadcom:desktop_management_suite:11.0:*:*:*:*:*:*:*
broadcomdesktop_management_suite11.1cpe:2.3:a:broadcom:desktop_management_suite:11.1:*:*:*:*:*:*:*
broadcomdesktop_protection_suite2.0cpe:2.3:a:broadcom:desktop_protection_suite:2.0:*:*:*:*:*:*:*
cabusiness_protection_suite2.0cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_sbs_premium:*:*:*:*:*
cabusiness_protection_suite2.0cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_sbs_standard:*:*:*:*:*

Vendor	Product	Version	CPE
broadcom	brightstor_arcserve_backup_laptops_desktops	11.0	cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.0:::::::*
broadcom	brightstor_arcserve_backup_laptops_desktops	11.1	cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:::::::*
broadcom	brightstor_arcserve_backup_laptops_desktops	11.1	cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:sp1::::::
broadcom	business_protection_suite	2.0	cpe:2.3:a:broadcom:business_protection_suite:2.0:::::::*
broadcom	desktop_management_suite	11.0	cpe:2.3:a:broadcom:desktop_management_suite:11.0:::::::*
broadcom	desktop_management_suite	11.1	cpe:2.3:a:broadcom:desktop_management_suite:11.1:::::::*
broadcom	desktop_protection_suite	2.0	cpe:2.3:a:broadcom:desktop_protection_suite:2.0:::::::*
ca	business_protection_suite	2.0	cpe:2.3:a:ca:business_protection_suite:2.0::microsoft_sbs_premium:::::
ca	business_protection_suite	2.0	cpe:2.3:a:ca:business_protection_suite:2.0::microsoft_sbs_standard:::::

References

supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp

www.securityfocus.com/archive/1/458653/100/0/threaded

www.securityfocus.com/bid/22339

Social References

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

AI Score

6.8

Confidence

High

EPSS

0.013

Percentile

86.0%

JSON

Related for CVE-2007-0672