CVE-2007-5005

2007-10-0120:17:00

CWE-22

mitre

web.nvd.nist.gov

ca brightstor

arcserve backup

directory traversal

vulnerability

rxrpc.dll

remote attackers

file upload

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.5

Confidence

Low

EPSS

0.066

Percentile

93.9%

JSON

Directory traversal vulnerability in rxRPC.dll in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows remote attackers to upload and overwrite arbitrary files via a …\ (dot dot backslash) sequence in the destination filename argument to sub-function 8 in the rxrReceiveFileFromServer command.

Affected configurations

Nvd

Node

broadcombrightstor_arcserve_backup_laptops_desktopsMatch4.0

broadcombrightstor_arcserve_backup_laptops_desktopsMatch11.0

broadcombrightstor_arcserve_backup_laptops_desktopsMatch11.1

broadcombrightstor_arcserve_backup_laptops_desktopsMatch11.1sp1

broadcombrightstor_arcserve_backup_laptops_desktopsMatch11.5

broadcomdesktop_management_suiteMatch11.0

broadcomdesktop_management_suiteMatch11.1

broadcomdesktop_management_suiteMatch11.2

caprotection_suitesMatchr2

VendorProductVersionCPE
broadcombrightstor_arcserve_backup_laptops_desktops4.0cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:4.0:*:*:*:*:*:*:*
broadcombrightstor_arcserve_backup_laptops_desktops11.0cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.0:*:*:*:*:*:*:*
broadcombrightstor_arcserve_backup_laptops_desktops11.1cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:*:*:*:*:*:*:*
broadcombrightstor_arcserve_backup_laptops_desktops11.1cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:sp1:*:*:*:*:*:*
broadcombrightstor_arcserve_backup_laptops_desktops11.5cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.5:*:*:*:*:*:*:*
broadcomdesktop_management_suite11.0cpe:2.3:a:broadcom:desktop_management_suite:11.0:*:*:*:*:*:*:*
broadcomdesktop_management_suite11.1cpe:2.3:a:broadcom:desktop_management_suite:11.1:*:*:*:*:*:*:*
broadcomdesktop_management_suite11.2cpe:2.3:a:broadcom:desktop_management_suite:11.2:*:*:*:*:*:*:*
caprotection_suitesr2cpe:2.3:a:ca:protection_suites:r2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
broadcom	brightstor_arcserve_backup_laptops_desktops	4.0	cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:4.0:::::::*
broadcom	brightstor_arcserve_backup_laptops_desktops	11.0	cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.0:::::::*
broadcom	brightstor_arcserve_backup_laptops_desktops	11.1	cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:::::::*
broadcom	brightstor_arcserve_backup_laptops_desktops	11.1	cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:sp1::::::
broadcom	brightstor_arcserve_backup_laptops_desktops	11.5	cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.5:::::::*
broadcom	desktop_management_suite	11.0	cpe:2.3:a:broadcom:desktop_management_suite:11.0:::::::*
broadcom	desktop_management_suite	11.1	cpe:2.3:a:broadcom:desktop_management_suite:11.1:::::::*
broadcom	desktop_management_suite	11.2	cpe:2.3:a:broadcom:desktop_management_suite:11.2:::::::*
ca	protection_suites	r2	cpe:2.3:a:ca:protection_suites:r2:::::::*