Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTA-2007-AVI-418
Vulnerability from certfr_avis
De multiples vulnérabilités de BrightStor Hierarchical Storage Manager permettent à un utilisateur distant de réaliser un déni de service et d'exécuter du code arbitraire.
Description
Les différentes vulnérabilités de BrightStor Hierarchical Storage Manager concernent plusieurs manques de contrôle des commandes passées au service CsAgent.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "CA BrightStor Hierarchical Storage Manager r11.5.",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nLes diff\u00e9rentes vuln\u00e9rabilit\u00e9s de BrightStor Hierarchical Storage\nManager concernent plusieurs manques de contr\u00f4le des commandes pass\u00e9es\nau service CsAgent.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2007-5082",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-5082"
},
{
"name": "CVE-2007-5084",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-5084"
},
{
"name": "CVE-2007-5083",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-5083"
}
],
"initial_release_date": "2007-09-27T00:00:00",
"last_revision_date": "2007-09-27T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Computer Associates du 26 septembre 20007 :",
"url": "http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp"
}
],
"reference": "CERTA-2007-AVI-418",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2007-09-27T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s de BrightStor Hierarchical Storage Manager\npermettent \u00e0 un utilisateur distant de r\u00e9aliser un d\u00e9ni de service et\nd\u0027ex\u00e9cuter du code arbitraire.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans BrightStor Hierarchical Storage Manager",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Computer Associates du 26 septembre 2007",
"url": null
}
]
}
CVE-2007-5082 (GCVE-0-2007-5082)
Vulnerability from cvelistv5
Published
2007-10-01 20:00
Modified
2024-08-07 15:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple stack-based buffer overflows in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary code via unspecified CsAgent service commands with certain opcodes, related to missing validation of a length parameter.
References
| URL | Tags | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:17:28.200Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ca-brightstor-csagent-bo(36825)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36825"
},
{
"name": "26914",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26914"
},
{
"name": "20070927 Computer Associates BrightStor HSM r11.5 Multiple Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=601"
},
{
"name": "20070927 [CAID 35690, 35691, 35692]: CA BrightStor Hierarchical Storage Manager CsAgent Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/480808/100/0/threaded"
},
{
"name": "ADV-2007-3275",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3275"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-16"
},
{
"name": "25823",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25823"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35690"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp"
},
{
"name": "1018747",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018747"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary code via unspecified CsAgent service commands with certain opcodes, related to missing validation of a length parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ca-brightstor-csagent-bo(36825)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36825"
},
{
"name": "26914",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26914"
},
{
"name": "20070927 Computer Associates BrightStor HSM r11.5 Multiple Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=601"
},
{
"name": "20070927 [CAID 35690, 35691, 35692]: CA BrightStor Hierarchical Storage Manager CsAgent Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/480808/100/0/threaded"
},
{
"name": "ADV-2007-3275",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3275"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-16"
},
{
"name": "25823",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25823"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35690"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp"
},
{
"name": "1018747",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018747"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5082",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary code via unspecified CsAgent service commands with certain opcodes, related to missing validation of a length parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ca-brightstor-csagent-bo(36825)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36825"
},
{
"name": "26914",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26914"
},
{
"name": "20070927 Computer Associates BrightStor HSM r11.5 Multiple Vulnerabilities",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=601"
},
{
"name": "20070927 [CAID 35690, 35691, 35692]: CA BrightStor Hierarchical Storage Manager CsAgent Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/480808/100/0/threaded"
},
{
"name": "ADV-2007-3275",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3275"
},
{
"name": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-16",
"refsource": "CONFIRM",
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-16"
},
{
"name": "25823",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25823"
},
{
"name": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35690",
"refsource": "CONFIRM",
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35690"
},
{
"name": "http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp"
},
{
"name": "1018747",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018747"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5082",
"datePublished": "2007-10-01T20:00:00",
"dateReserved": "2007-09-25T00:00:00",
"dateUpdated": "2024-08-07T15:17:28.200Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5083 (GCVE-0-2007-5083)
Vulnerability from cvelistv5
Published
2007-10-01 20:00
Modified
2024-08-07 15:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple integer overflows in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary code via unspecified CsAgent service commands that trigger a heap-based buffer overflow.
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:17:28.260Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26914",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26914"
},
{
"name": "20070927 Computer Associates BrightStor HSM r11.5 Multiple Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=601"
},
{
"name": "20070927 [CAID 35690, 35691, 35692]: CA BrightStor Hierarchical Storage Manager CsAgent Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/480808/100/0/threaded"
},
{
"name": "ADV-2007-3275",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3275"
},
{
"name": "ca-brightstor-csagent-integer-bo(36827)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36827"
},
{
"name": "25823",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25823"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35691"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp"
},
{
"name": "1018747",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018747"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple integer overflows in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary code via unspecified CsAgent service commands that trigger a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "26914",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26914"
},
{
"name": "20070927 Computer Associates BrightStor HSM r11.5 Multiple Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=601"
},
{
"name": "20070927 [CAID 35690, 35691, 35692]: CA BrightStor Hierarchical Storage Manager CsAgent Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/480808/100/0/threaded"
},
{
"name": "ADV-2007-3275",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3275"
},
{
"name": "ca-brightstor-csagent-integer-bo(36827)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36827"
},
{
"name": "25823",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25823"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35691"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp"
},
{
"name": "1018747",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018747"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5083",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple integer overflows in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary code via unspecified CsAgent service commands that trigger a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26914",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26914"
},
{
"name": "20070927 Computer Associates BrightStor HSM r11.5 Multiple Vulnerabilities",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=601"
},
{
"name": "20070927 [CAID 35690, 35691, 35692]: CA BrightStor Hierarchical Storage Manager CsAgent Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/480808/100/0/threaded"
},
{
"name": "ADV-2007-3275",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3275"
},
{
"name": "ca-brightstor-csagent-integer-bo(36827)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36827"
},
{
"name": "25823",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25823"
},
{
"name": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35691",
"refsource": "CONFIRM",
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35691"
},
{
"name": "http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp"
},
{
"name": "1018747",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018747"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5083",
"datePublished": "2007-10-01T20:00:00",
"dateReserved": "2007-09-25T00:00:00",
"dateUpdated": "2024-08-07T15:17:28.260Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5084 (GCVE-0-2007-5084)
Vulnerability from cvelistv5
Published
2007-10-01 20:00
Modified
2024-08-07 15:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple SQL injection vulnerabilities in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary SQL commands via CsAgent service commands with opcodes (1) 0x07, (2) 0x08, (3) 0x09, (4) 0x1E, (5) 0x32, (6) 0x36, (7) 0x40, and possibly others.
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:17:28.214Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26914",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26914"
},
{
"name": "20070927 [CAID 35690, 35691, 35692]: CA BrightStor Hierarchical Storage Manager CsAgent Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/480808/100/0/threaded"
},
{
"name": "ADV-2007-3275",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3275"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35692"
},
{
"name": "25823",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25823"
},
{
"name": "ca-brightstor-csagent-sql-injection(36828)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp"
},
{
"name": "1018747",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018747"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-17"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-09-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple SQL injection vulnerabilities in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary SQL commands via CsAgent service commands with opcodes (1) 0x07, (2) 0x08, (3) 0x09, (4) 0x1E, (5) 0x32, (6) 0x36, (7) 0x40, and possibly others."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "26914",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26914"
},
{
"name": "20070927 [CAID 35690, 35691, 35692]: CA BrightStor Hierarchical Storage Manager CsAgent Multiple Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/480808/100/0/threaded"
},
{
"name": "ADV-2007-3275",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3275"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35692"
},
{
"name": "25823",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25823"
},
{
"name": "ca-brightstor-csagent-sql-injection(36828)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp"
},
{
"name": "1018747",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018747"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-17"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5084",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary SQL commands via CsAgent service commands with opcodes (1) 0x07, (2) 0x08, (3) 0x09, (4) 0x1E, (5) 0x32, (6) 0x36, (7) 0x40, and possibly others."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26914",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26914"
},
{
"name": "20070927 [CAID 35690, 35691, 35692]: CA BrightStor Hierarchical Storage Manager CsAgent Multiple Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/480808/100/0/threaded"
},
{
"name": "ADV-2007-3275",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3275"
},
{
"name": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35692",
"refsource": "CONFIRM",
"url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35692"
},
{
"name": "25823",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25823"
},
{
"name": "ca-brightstor-csagent-sql-injection(36828)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36828"
},
{
"name": "http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp",
"refsource": "CONFIRM",
"url": "http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp"
},
{
"name": "1018747",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018747"
},
{
"name": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-17",
"refsource": "MISC",
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-17"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5084",
"datePublished": "2007-10-01T20:00:00",
"dateReserved": "2007-09-25T00:00:00",
"dateUpdated": "2024-08-07T15:17:28.214Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…