CVE-2007-3216

Broadcom Brightstor Arcserve Backup L... - Memory Corruption

Title source: rule

Description

Multiple buffer overflows in the LGServer component of CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.1 allow remote attackers to execute arbitrary code via crafted arguments to the (1) rxsAddNewUser, (2) rxsSetUserInfo, (3) rxsRenameUser, (4) rxsSetMessageLogSettings, (5) rxsExportData, (6) rxsSetServerOptions, (7) rxsRenameFile, (8) rxsACIManageSend, (9) rxsExportUser, (10) rxsImportUser, (11) rxsMoveUserData, (12) rxsUseLicenseIni, (13) rxsLicGetSiteId, (14) rxsGetLogFileNames, (15) rxsGetBackupLog, (16) rxsBackupComplete, (17) rxsSetDataProtectionSecurityData, (18) rxsSetDefaultConfigName, (19) rxsGetMessageLogSettings, (20) rxsHWDiskGetTotal, (21) rxsHWDiskGetFree, (22) rxsGetSubDirs, (23) rxsGetServerDBPathName, (24) rxsSetServerOptions, (25) rxsDeleteFile, (26) rxsACIManageSend, (27) rxcReadBackupSetList, (28) rxcWriteConfigInfo, (29) rxcSetAssetManagement, (30) rxcWriteFileListForRestore, (31) rxcReadSaveSetProfile, (32) rxcInitSaveSetProfile, (33) rxcAddSaveSetNextAppList, (34) rxcAddSaveSetNextFilesPathList, (35) rxcAddNextBackupSetIncWildCard, (36) rxcGetRevisions, (37) rxrAddMovedUser, (38) rxrSetClientVersion, or (39) rxsSetDataGrowthScheduleAndFilter commands.

Exploits (6)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/16415

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/16416

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/16409

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

by MC · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/brightstor/lgserver_rxsuselicenseini.rb

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

by MC · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/brightstor/lgserver_multi.rb

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

by MC · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/brightstor/lgserver_rxssetdatagrowthscheduleandfilter.rb

View Code ZIP pw:eip

References (15)

[Various Sources] http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/bsabld-securitynotice.asp

[Various Sources] http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp

[Various Sources] http://research.eeye.com/html/advisories/published/AD20070920.html

[Various Sources] http://research.eeye.com/html/advisories/upcoming/20070604.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/24348

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/34805

[Vendor Advisory] http://secunia.com/advisories/25606

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1018216

[Vendor Advisory] http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35673

[Third Party Advisory, VDB Entry] http://osvdb.org/35329

[Third Party Advisory] http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599

[Vendor Advisory] http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/480252/100/100/threaded

[Vendor Advisory] http://www.vupen.com/english/advisories/2007/2121

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1018728

Scores

EPSS 0.6034

EPSS Percentile 98.3%

Details

CWE

CWE-119

Status published

Products (1)

broadcom/brightstor_arcserve_backup_laptops_desktops 11.1

Published Jun 14, 2007

Tracked Since Feb 18, 2026