Lucene search

MitreCVE-2007-5326

HistoryOct 13, 2007 - 12:17 a.m.

CVE-2007-5326

2007-10-1300:17:00

CWE-119

mitre

web.nvd.nist.gov

cve-2007-5326

buffer overflow

ca brightstor arcserve backup

remote code execution

nvd

security vulnerability

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.7

Confidence

Low

EPSS

0.049

Percentile

92.8%

JSON

Multiple buffer overflows in (1) RPC and (2) rpcx.dll in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allow remote attackers to execute arbitrary code via unspecified vectors.

Affected configurations

Nvd

Node

broadcombrightstor_arcserve_backupMatch9.01

broadcombrightstor_arcserve_backupMatch11.1

broadcombrightstor_arcserve_backupMatch11.5

broadcombrightstor_enterprise_backupMatch10.5

broadcombusiness_protection_suiteMatch2.0

broadcomserver_protection_suiteMatch2

cabrightstor_arcserve_backupMatch11windows

cabusiness_protection_suiteMatch2.0microsoft_small_business_server_premium

cabusiness_protection_suiteMatch2.0microsoft_small_business_server_standard

VendorProductVersionCPE
broadcombrightstor_arcserve_backup9.01cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*
broadcombrightstor_arcserve_backup11.1cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*
broadcombrightstor_arcserve_backup11.5cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*
broadcombrightstor_enterprise_backup10.5cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*
broadcombusiness_protection_suite2.0cpe:2.3:a:broadcom:business_protection_suite:2.0:*:*:*:*:*:*:*
broadcomserver_protection_suite2cpe:2.3:a:broadcom:server_protection_suite:2:*:*:*:*:*:*:*
cabrightstor_arcserve_backup11cpe:2.3:a:ca:brightstor_arcserve_backup:11:*:windows:*:*:*:*:*
cabusiness_protection_suite2.0cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_small_business_server_premium:*:*:*:*:*
cabusiness_protection_suite2.0cpe:2.3:a:ca:business_protection_suite:2.0:*:microsoft_small_business_server_standard:*:*:*:*:*

Vendor	Product	Version	CPE
broadcom	brightstor_arcserve_backup	9.01	cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:::::::*
broadcom	brightstor_arcserve_backup	11.1	cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:::::::*
broadcom	brightstor_arcserve_backup	11.5	cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:::::::*
broadcom	brightstor_enterprise_backup	10.5	cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:::::::*
broadcom	business_protection_suite	2.0	cpe:2.3:a:broadcom:business_protection_suite:2.0:::::::*
broadcom	server_protection_suite	2	cpe:2.3:a:broadcom:server_protection_suite:2:::::::*
ca	brightstor_arcserve_backup	11	cpe:2.3:a:ca:brightstor_arcserve_backup:11::windows:::::
ca	business_protection_suite	2.0	cpe:2.3:a:ca:business_protection_suite:2.0::microsoft_small_business_server_premium:::::
ca	business_protection_suite	2.0	cpe:2.3:a:ca:business_protection_suite:2.0::microsoft_small_business_server_standard:::::

References

osvdb.org/41368

secunia.com/advisories/27192

secunia.com/secunia_research/2007-49/advisory/

supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp

www.securityfocus.com/archive/1/482121/100/0/threaded

www.securityfocus.com/bid/26015

www.securitytracker.com/id?1018805

www.vupen.com/english/advisories/2007/3470

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.7

Confidence

Low

EPSS

0.049

Percentile

92.8%

JSON

Related for CVE-2007-5326