PT-2007-4086 · Ca · Ca Brightstor Backup

Shirkdog · Published 2007-05-21 · Updated 2018-10-16 · CVE-2007-2772

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

CA BrightStor Backup version 11.5.2.0 SP2

Description

The issue allows remote attackers to cause a denial of service via a crafted RPC packet, which triggers a NULL dereference and crashes the application. It is related to the caloggerd.exe and mediasvr.exe components, specifically the camt70.dll, catirpc.dll, and rwxdr.dll libraries.

Recommendations

For CA BrightStor Backup version 11.5.2.0 SP2, consider restricting access to the RPC service until a patch is available to prevent potential denial of service attacks. As a temporary workaround, disabling the vulnerable components, such as caloggerd.exe and mediasvr.exe, may help minimize the risk of exploitation. However, this should be done with caution, as it may impact the functionality of the backup system. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

CVE-2007-2772

Affected Products

Ca Brightstor Backup