CVE-2007-0672
BrightStor Mobile Backup 4.0 - Denial of Service via Authentication Negotiation Packet
Title source: llmDescription
LGSERVER.EXE in BrightStor Mobile Backup 4.0 allows remote attackers to cause a denial of service (disk consumption and daemon hang) via a value of 0xFFFFFF7F at a certain point in an authentication negotiation packet, which writes a large amount of data to a .USX file in CA_BABLDdata\Server\data\transfer\.
References (3)
Core 3
Core References
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/22339
Patch x_refsource_confirm
http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/458653/100/0/threaded
Scores
EPSS
0.0136
EPSS Percentile
80.4%
Details
Status
published
Products (7)
broadcom/brightstor_arcserve_backup_laptops_desktops
11.0
broadcom/brightstor_arcserve_backup_laptops_desktops
11.1 (2 CPE variants)
broadcom/business_protection_suite
2.0
broadcom/desktop_management_suite
11.0
broadcom/desktop_management_suite
11.1
broadcom/desktop_protection_suite
2.0
ca/business_protection_suite
2.0 (2 CPE variants)
Published
Feb 03, 2007
Tracked Since
Feb 18, 2026