CVE-2007-3216 Information

Feb 14, 2021 cve

Description

Multiple buffer overflows in the LGServer component of CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.1 allow remote attackers to execute arbitrary code via crafted arguments to the (1) rxsAddNewUser (2) rxsSetUserInfo (3) rxsRenameUser (4) rxsSetMessageLogSettings (5) rxsExportData (6) rxsSetServerOptions (7) rxsRenameFile (8) rxsACIManageSend (9) rxsExportUser (10) rxsImportUser (11) rxsMoveUserData (12) rxsUseLicenseIni (13) rxsLicGetSiteId (14) rxsGetLogFileNames (15) rxsGetBackupLog (16) rxsBackupComplete (17) rxsSetDataProtectionSecurityData (18) rxsSetDefaultConfigName (19) rxsGetMessageLogSettings (20) rxsHWDiskGetTotal (21) rxsHWDiskGetFree (22) rxsGetSubDirs (23) rxsGetServerDBPathName (24) rxsSetServerOptions (25) rxsDeleteFile (26) rxsACIManageSend (27) rxcReadBackupSetList (28) rxcWriteConfigInfo (29) rxcSetAssetManagement (30) rxcWriteFileListForRestore (31) rxcReadSaveSetProfile (32) rxcInitSaveSetProfile (33) rxcAddSaveSetNextAppList (34) rxcAddSaveSetNextFilesPathList (35) rxcAddNextBackupSetIncWildCard (36) rxcGetRevisions (37) rxrAddMovedUser (38) rxrSetClientVersion or (39) rxsSetDataGrowthScheduleAndFilter commands.

Reference

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599 http://osvdb.org/35329 http://research.eeye.com/html/advisories/published/AD20070920.html http://research.eeye.com/html/advisories/upcoming/20070604.html http://secunia.com/advisories/25606 http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/bsabld-securitynotice.asp http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006 http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35673 http://www.securityfocus.com/archive/1/480252/100/100/threaded http://www.securityfocus.com/bid/24348 http://www.securitytracker.com/id?1018216 http://www.securitytracker.com/id?1018728 http://www.vupen.com/english/advisories/2007/2121 https://exchange.xforce.ibmcloud.com/vulnerabilities/34805

Share on: