CVE-2007-4027

Name of the Vulnerable Software and Affected Versions: Areca CLI versions 1.72.250 and earlier

Description: A buffer overflow issue exists in the cli32 component of Areca CLI, potentially allowing local users to gain privileges through a long argument. It is noted that the program is not setuid by default, but there are specific usage scenarios where an administrator might configure it as setuid.

Recommendations: For Areca CLI versions 1.72.250 and earlier, consider restricting access to the cli32 component until a fix is available. As a temporary workaround, avoid using long arguments with the cli32 component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.