ID CVE-2007-0168
Summary The Tape Engine service in Computer Associates (CA) BrightStor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Server/Business Protection Suite r2 allows remote attackers to execute arbitrary code via certain data in opnum 0xBF in an RPC request, which is directly executed.
References
Vulnerable Configurations
  • cpe:2.3:a:broadcom:brightstor_arcserve_backup:9.01:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:brightstor_arcserve_backup:-:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:brightstor_arcserve_backup:-:*:macintosh:*:*:*:*:*
  • cpe:2.3:a:broadcom:brightstor_arcserve_backup:-:*:netware:*:*:*:*:*
  • cpe:2.3:a:broadcom:brightstor_arcserve_backup:-:*:oracle:*:*:*:*:*
  • cpe:2.3:a:broadcom:brightstor_arcserve_backup:-:*:solaris:*:*:*:*:*
  • cpe:2.3:a:broadcom:brightstor_arcserve_backup:-:*:tru64:*:*:*:*:*
  • cpe:2.3:a:broadcom:brightstor_arcserve_backup:-:*:windows:*:*:*:*:*
  • cpe:2.3:a:broadcom:brightstor_arcserve_backup:10.5:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:brightstor_arcserve_backup:11:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:sp1:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:brightstor_arcserve_backup:11.5:sp2:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:brightstor_enterprise_backup:10.5:*:*:*:*:*:*:*
  • cpe:2.3:a:broadcom:business_protection_suite:2.0:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 07-04-2021 - 18:53)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
Vector: NETWORK
Complexity: LOW
Authentication: NONE
Impact
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 22010
bugtraq
  • 20070111 LS-20061002 - Computer Associates BrightStor ARCserve Backup Remote Code Execution Vulnerability
  • 20070111 ZDI-07-002: CA BrightStor ARCserve Backup Tape Engine Code Execution Vulnerability
  • 20070111 [CAID 34955, 34956, 34957, 34958, 34959, 34817]: CA BrightStor ARCserve Backup Multiple Overflow Vulnerabilities
cert-vn VU#662400
confirm http://supportconnectw.ca.com/public/storage/infodocs/babimpsec-notice.asp
misc
osvdb 31327
sectrack 1017506
secunia 23648
vupen ADV-2007-0154
xf brightstor-tapeengine-code-execution(31442)
saint via4
bid 22005
description BrightStor ARCserve Backup Tape Engine opnum 0xCF buffer overflow
id misc_arcservetaperpccode
osvdb 31327
title brightstor_arcserve_tape_cf
type remote
Last major update 07-04-2021 - 18:53
Published 11-01-2007 - 22:28
Last modified 07-04-2021 - 18:53