CVE-2007-0816

Name of the Vulnerable Software and Affected Versions: CA BrightStor ARCserve Backup versions 11.5 SP2 and earlier

Description: The issue allows remote attackers to cause a denial of service, resulting in a service crash, by sending a crafted TADDR2UADDR that triggers a null pointer dereference in catirpc.dll. This could be related to null credentials or verifier fields.

Recommendations: For CA BrightStor ARCserve Backup versions 11.5 SP2 and earlier, consider restricting access to the RPC Server service until a patch is available. As a temporary workaround, disabling the catirpc.exe service may prevent the denial of service. However, this may have implications for the functionality of the backup system. At the moment, there is no information about a newer version that contains a fix for this vulnerability.