CVE-2007-5082

Broadcom Brightstor Hierarchical Storage Manager - Memory Corruption

Title source: rule

Description

Multiple stack-based buffer overflows in Computer Associates (CA) BrightStor Hierarchical Storage Manager (HSM) before r11.6 allow remote attackers to execute arbitrary code via unspecified CsAgent service commands with certain opcodes, related to missing validation of a length parameter.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/16402

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Nice Name Crew · perldoswindows

https://www.exploit-db.com/exploits/4569

View Code ZIP pw:eip

metasploit WORKING POC GREAT

by toto · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/brightstor/hsmserver.rb

View Code ZIP pw:eip

References (10)

[Patch, Vendor Advisory] http://secunia.com/advisories/26914

[Patch] http://supportconnectw.ca.com/public/bstorhsm/infodocs/bstorhsm-secnot.asp

[Patch] http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35690

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/25823

[Vendor Advisory] http://www.vupen.com/english/advisories/2007/3275

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/36825

[Vendor Advisory] http://dvlabs.tippingpoint.com/advisory/TPTI-07-16

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/480808/100/0/threaded

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1018747

[Third Party Advisory] http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=601

Scores

EPSS 0.7051

EPSS Percentile 98.7%

Details

CWE

CWE-119

Status published

Products (1)

broadcom/brightstor_hierarchical_storage_manager 11.5

Published Oct 01, 2007

Tracked Since Feb 18, 2026