CVE-2007-0169 Information

Description

Multiple buffer overflows in Computer Associates (CA) BrightStor ARCserve Backup 9.01 through 11.5 Enterprise Backup 10.5 and CA Server/Business Protection Suite r2 allow remote attackers to execute arbitrary code via RPC requests with crafted data for opnums (1) 0x2F and (2) 0x75 in the (a) Message Engine RPC service or opnum (3) 0xCF in the Tape Engine service.

Reference

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=467 http://osvdb.org/31327 http://secunia.com/advisories/23648 http://securitytracker.com/id?1017506 http://supportconnectw.ca.com/public/storage/infodocs/babimpsec-notice.asp http://www.kb.cert.org/vuls/id/151032 http://www.kb.cert.org/vuls/id/180336 http://www.securityfocus.com/archive/1/456618/100/0/threaded http://www.securityfocus.com/archive/1/456619/100/0/threaded http://www.securityfocus.com/archive/1/456711 http://www.securityfocus.com/bid/22005 http://www.securityfocus.com/bid/22006 http://www.vupen.com/english/advisories/2007/0154 http://www.zerodayinitiative.com/advisories/ZDI-07-003.html http://www.zerodayinitiative.com/advisories/ZDI-07-004.html https://exchange.xforce.ibmcloud.com/vulnerabilities/31433 https://exchange.xforce.ibmcloud.com/vulnerabilities/31443