CVE-2007-0169

Broadcom Brightstor Arcserve Backup < 11.5 - Memory Corruption

Description

Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup 9.01 through 11.5, Enterprise Backup 10.5, and CA Server/Business Protection Suite r2 allow remote attackers to execute arbitrary code via RPC requests with crafted data for opnums (1) 0x2F and (2) 0x75 in the (a) Message Engine RPC service, or opnum (3) 0xCF in the Tape Engine service.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · remote · windows
https://www.exploit-db.com/exploits/16418
metasploit WORKING POC NORMAL
by MC, aushack · ruby · poc · win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/brightstor/message_engine.rb

Scores

EPSS 0.7782
EPSS Percentile 99.0%

Classification

CWE
CWE-119
Status draft

Affected Products (4)

broadcom/brightstor_arcserve_backup < 11.5
broadcom/brightstor_arcserve_backup
broadcom/brightstor_enterprise_backup
broadcom/business_protection_suite

Timeline

Published Jan 11, 2007
Tracked Since Feb 18, 2026