TPTI-07-16: CA BrightStor Hierarchical Storage Manager Buffer Overflow Vulnerabilities

TPTI-07-16: CA BrightStor Hierarchical Storage Manager Buffer Overflow Vulnerabilities http://dvlabs.tippingpoint.com/advisory/TPTI-07-16.html October 2, 2007 -- CVE ID: CVE-2007-5082 -- Affected Vendor: Computer Associates -- Affected Products: BrightStor Hierarchical Storage Manager r11.5 --...

TPTI-07-17: CA BrightStor Hierarchical Storage Manager SQL Injection Vulnerabilities

TPTI-07-17: CA BrightStor Hierarchical Storage Manager SQL Injection Vulnerabilities http://dvlabs.tippingpoint.com/advisory/TPTI-07-17.html October 2, 2007 -- CVE ID: CVE-2007-5084 -- Affected Vendor: Computer Associates -- Affected Products: BrightStor Hierarchical Storage Manager r11.5 --...

BrightStor Hierarchical Storage Manager < r11.6 Multiple Remote Vulnerabilities

According to its engine build, the installation of BrightStor Hierarchical Storage Manager on the remote host has multiple vulnerabilities affecting its CsAgent service, including buffer overflows and SQL injection vulnerabilities. An unauthenticated remote attacker may be able to leverage these...

Stack overflow

Multiple stack-based buffer overflows in Computer Associates CA BrightStor Hierarchical Storage Manager HSM before r11.6 allow remote attackers to execute arbitrary code via unspecified CsAgent service commands with certain opcodes, related to missing validation of a length parameter...

CVE-2007-5084

Multiple SQL injection vulnerabilities in Computer Associates CA BrightStor Hierarchical Storage Manager HSM before r11.6 allow remote attackers to execute arbitrary SQL commands via CsAgent service commands with opcodes 1 0x07, 2 0x08, 3 0x09, 4 0x1E, 5 0x32, 6 0x36, 7 0x40, and possibly others...

Sql injection

Multiple SQL injection vulnerabilities in Computer Associates CA BrightStor Hierarchical Storage Manager HSM before r11.6 allow remote attackers to execute arbitrary SQL commands via CsAgent service commands with opcodes 1 0x07, 2 0x08, 3 0x09, 4 0x1E, 5 0x32, 6 0x36, 7 0x40, and possibly others...

Integer overflow

Multiple integer overflows in Computer Associates CA BrightStor Hierarchical Storage Manager HSM before r11.6 allow remote attackers to execute arbitrary code via unspecified CsAgent service commands that trigger a heap-based buffer overflow...

CVE-2007-5082

Multiple stack-based buffer overflows in Computer Associates CA BrightStor Hierarchical Storage Manager HSM before r11.6 allow remote attackers to execute arbitrary code via unspecified CsAgent service commands with certain opcodes, related to missing validation of a length parameter...

CVE-2007-5084

Multiple SQL injection vulnerabilities in Computer Associates CA BrightStor Hierarchical Storage Manager HSM before r11.6 allow remote attackers to execute arbitrary SQL commands via CsAgent service commands with opcodes 1 0x07, 2 0x08, 3 0x09, 4 0x1E, 5 0x32, 6 0x36, 7 0x40, and possibly others...

CVE-2007-5083

BrightStor HSM CsAgent contains multiple remote vulnerabilities (CVE-2007-5082/5083/5084) in r11.5 that allow an unauthenticated attacker to execute arbitrary code via CsAgent commands over TCP port 2000 due to stack/heap buffer and integer overflow issues. iDefense/CVEs describe several buffer o...

[CAID 35690, 35691, 35692]: CA BrightStor Hierarchical Storage Manager CsAgent Multiple Vulnerabilities

Title: CAID 35690, 35691, 35692: CA BrightStor Hierarchical Storage Manager CsAgent Multiple Vulnerabilities CA Vuln ID CAID: 35690, 35691, 35692 CA Advisory Date: 2007-09-26 Reported By: Sean Larsson, iDefense Labs anonymous researcher working with the iDefense VCP Aaron Portnoy of DV Labs...