10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.941 High
EPSS
Percentile
99.2%
Added: 05/03/2007
CVE: CVE-2007-2139
BID: 23635
OSVDB: 34127
CA ARCserve Backup (formerly BrightStor ARCserve Backup) is a backup and recovery solution. ARCserve Media Server is a component which comes with ARCserve Backup.
ARCserve Media Server is affected by multiple buffer overflow vulnerabilities which allow remote attackers to execute arbitrary commands by sending specially crafted requests to the SUN RPC service.
Apply one of the patches referenced in the CA Security Notice.
<http://www.kb.cert.org/vuls/id/979825>
<http://www.zerodayinitiative.com/advisories/ZDI-07-022.html>
Exploit works on BrightStor ARCserve Backup r11.5 SP2.
Windows 2000
Windows Server 2003