Lucene search
SAINT CorporationSAINT:8A03A561DEBBAE9E45755FAC45CA1E59HistoryFeb 09, 2007 - 12:00 a.m.
BrightStor ARCserve Backup Tape Engine opnum 0xCF buffer overflow
2007-02-0900:00:00
SAINT Corporation
download.saintcorporation.com
15
0.937 High
EPSS
Percentile
99.1%
Added: 02/09/2007
CVE: CVE-2007-0169
BID: 22005
OSVDB: 31327
Background
The BrightStor ARCserve Backup server includes a Backup Tape Engine feature which allows use of tape drives for storage.
Problem
A buffer overflow in BrightStor ARCserve Backup allows remote attackers to execute arbitrary commands by sending a specially crafted request with opnum 0xCF to the Tape Engine RPC service.
Resolution
Apply one of the fixes referenced in the Security Notice.
References
<http://www.zerodayinitiative.com/advisories/ZDI-07-004.html>
Limitations
Exploit works on BrightStor ARCserve Backup r11.5 SP2.
Platforms
Windows
Related
zdi
zdi
CA BrightStor ARCserve Backup Message Engine Buffer Overflow Vulnerability
2007-01-11 00:00:00
CA BrightStor ARCserve Backup Tape Engine Buffer Overflow Vulnerability
2007-01-11 00:00:00
saint
saint
BrightStor ARCserve Message Engine opnum 0x2f buffer overflow
2007-01-19 00:00:00
BrightStor ARCserve Message Engine opnum 0x75 buffer overflow
2007-01-24 00:00:00
BrightStor ARCserve Message Engine opnum 0x2f buffer overflow
2007-01-19 00:00:00
cve
cve
CVE-2007-0169
2007-01-11 22:28:00
packetstorm
packetstorm
CA BrightStor ARCserve Message Engine Buffer Overflow
2009-11-26 00:00:00
securityvulns
securityvulns
cert
cert
CA BrightStor ARCserve Backup Tape Engine RPC buffer overflow
2007-01-12 00:00:00
CA BrightStor ARCserve Backup Message Engine RPC buffer overflow
2007-01-12 00:00:00
checkpoint_advisories
checkpoint_advisories
prion
prion
Buffer overflow
2007-01-11 22:28:00
cvelist
cvelist
CVE-2007-0169
2007-01-11 22:00:00
nvd
nvd
CVE-2007-0169
2007-01-11 22:28:00
nessus
nessus
CA BrightStor ARCserve Backup Multiple Vulnerabilities (QO84983)
2007-01-15 00:00:00