PT-2007-2127 · Ca · Ca Brightstor Arcserve Backup For Laptops/Desktops

Published

2007-02-03

Updated

2021-04-08

CVE-2007-0673

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions BrightStor ARCserve Backup for Laptops & Desktops version r11.1

Description The issue allows remote attackers to cause a denial of service, resulting in a daemon crash. This occurs when a value of 0xFFFFFFFF is sent at a certain point in an authentication negotiation packet, leading to an out-of-bounds read.

Recommendations For BrightStor ARCserve Backup for Laptops & Desktops version r11.1, consider restricting access to the authentication negotiation packet to minimize the risk of exploitation until a patch is available.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2007-0673

Affected Products

Ca Brightstor Arcserve Backup For Laptops/Desktops

PT-2007-2127 · Ca · Ca Brightstor Arcserve Backup For Laptops/Desktops

CVE-2007-0673

Weakness Enumeration

Related Identifiers

Affected Products

References · 6