PT-2007-6179 · Ca · Ca Brightstor Hierarchical Storage Manager

Published

2007-10-01

Updated

2021-04-07

CVE-2007-5082

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions CA BrightStor Hierarchical Storage Manager (HSM) versions prior to r11.6

Description The issue is related to multiple stack-based buffer overflows in the CsAgent service, which can be exploited by remote attackers to execute arbitrary code. This is due to missing validation of a length parameter when processing certain opcodes in CsAgent service commands.

Recommendations For CA BrightStor Hierarchical Storage Manager (HSM) versions prior to r11.6, update to version r11.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the CsAgent service to minimize the risk of exploitation.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2007-5082

Affected Products

Ca Brightstor Hierarchical Storage Manager

PT-2007-6179 · Ca · Ca Brightstor Hierarchical Storage Manager

CVE-2007-5082

Weakness Enumeration

Related Identifiers

Affected Products

References · 14