CVE-2007-5328 Information

Description

The Message Engine RPC service in CA BrightStor ARCServe BackUp v9.01 through R11.5 and Enterprise Backup r10.5 allows attackers to execute arbitrary code by using certain \insecure method calls\ to modify the file system and registry aka \Privileged function exposure.\

Reference

http://secunia.com/advisories/27192 http://supportconnectw.ca.com/public/storage/infodocs/basb-secnotice.asp http://www.securityfocus.com/archive/1/482121/100/0/threaded http://www.securityfocus.com/archive/1/484229/100/0/threaded http://www.securityfocus.com/bid/26015 http://www.securitytracker.com/id?1018805 http://www.vupen.com/english/advisories/2007/3470 http://www.zerodayinitiative.com/advisories/ZDI-07-069.html https://exchange.xforce.ibmcloud.com/vulnerabilities/37067