PT-2007-6398 · Ca · Ca Brightstor Arcserve Backup+1

Publicado

2007-10-13

Atualizado

2021-04-07

CVE-2007-5327

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: CA BrightStor ARCServe BackUp versions 9.01 through 11.5 CA Enterprise Backup version 10.5

Description: The issue is related to a stack-based buffer overflow in the RPC interface for the Message Engine. This can be exploited by remote attackers to execute arbitrary code via a long argument in the 0x10d opnum.

Recommendations: For CA BrightStor ARCServe BackUp versions 9.01 through 11.5, consider restricting access to the RPC interface for the Message Engine until a patch is available. For CA Enterprise Backup version 10.5, restrict access to the RPC interface for the Message Engine until a patch is available. As a temporary workaround, consider disabling the mediasvr.exe service until a patch is available.

Correção

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

CVE-2007-5327

Produtos afetados

Ca Brightstor Arcserve Backup

Ca Enterprise Backup

PT-2007-6398 · Ca · Ca Brightstor Arcserve Backup+1

CVE-2007-5327

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 13