CVE-2007-5003

CA BrightStor ARCserve Backup r11.0-r11.5 - Stack-Based Buffer Overflow

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2007-5003. PoCs published by Metasploit, MC, including Metasploit module exploits/windows/brightstor/lgserver_rxrlogin.

AI-analyzed exploit summary This Metasploit module exploits a stack buffer overflow in CA BrightStor ARCserve Backup for Laptops & Desktops 11.1 by sending a maliciously crafted 'rxrLogin' request to TCP port 1900, allowing arbitrary code execution.

Description

Multiple stack-based buffer overflows in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allow remote attackers to execute arbitrary code via a long (1) username or (2) password to the rxrLogin command in rxRPC.dll, or a long (3) username argument to the GetUserInfo function.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotewindows
https://www.exploit-db.com/exploits/16411

This Metasploit module exploits a stack buffer overflow in CA BrightStor ARCserve Backup for Laptops & Desktops 11.1 by sending a maliciously crafted 'rxrLogin' request to TCP port 1900, allowing arbitrary code execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: CA BrightStor ARCserve Backup for Laptops & Desktops 11.1
No auth needed
Prerequisites: Network access to TCP port 1900 · Target running vulnerable version of CA BrightStor ARCserve Backup
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC NORMAL
by MC · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/brightstor/lgserver_rxrlogin.rb

This Metasploit module exploits a stack buffer overflow in CA BrightStor ARCserve Backup for Laptops & Desktops 11.1 via a crafted 'rxrLogin' request. It achieves remote code execution by overwriting the return address with a JMP ESP instruction and executing shellcode.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: CA BrightStor ARCserve Backup for Laptops & Desktops 11.1
No auth needed
Prerequisites: Network access to TCP port 1900 · Target running vulnerable version of CA BrightStor ARCserve
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (9)

Core 9
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/24348
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/25606
Third Party Advisory third-party-advisory x_refsource_idefense
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/480252/100/100/threaded
Various Sources third-party-advisory x_refsource_eeye
http://research.eeye.com/html/advisories/published/AD20070920.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1018728

Scores

EPSS 0.6720
EPSS Percentile 99.2%

Details

CWE
CWE-119
Status published
Products (8)
broadcom/brightstor_arcserve_backup_laptops_desktops 4.0
broadcom/brightstor_arcserve_backup_laptops_desktops 11.0
broadcom/brightstor_arcserve_backup_laptops_desktops 11.1 (2 CPE variants)
broadcom/brightstor_arcserve_backup_laptops_desktops 11.5
broadcom/desktop_management_suite 11.0
broadcom/desktop_management_suite 11.1
broadcom/desktop_management_suite 11.2
ca/protection_suites r2
Published Oct 01, 2007
Tracked Since Feb 18, 2026