15 matches found
EUVD-2007-0669
Malware in sbrugna...
Design/Logic Flaw
LGSERVER.EXE in BrightStor Mobile Backup 4.0 allows remote attackers to cause a denial of service disk consumption and daemon hang via a value of 0xFFFFFF7F at a certain point in an authentication negotiation packet, which writes a large amount of data to a .USX file in...
Out-of-bounds
LGSERVER.EXE in BrightStor ARCserve Backup for Laptops & Desktops r11.1 allows remote attackers to cause a denial of service daemon crash via a value of 0xFFFFFFFF at a certain point in an authentication negotiation packet, which results in an out-of-bounds read...
CVE-2007-0673
LGSERVER.EXE in BrightStor ARCserve Backup for Laptops & Desktops r11.1 allows remote attackers to cause a denial of service daemon crash via a value of 0xFFFFFFFF at a certain point in an authentication negotiation packet, which results in an out-of-bounds read...
CVE-2007-0673
CVE-2007-0673 affects BrightStor ARCserve Backup for Laptops & Desktops r11.1. LGSERVER.EXE can be remotely triggered to crash the daemon via a crafted 0xFFFFFFFF value during authentication, causing an out-of-bounds read and denial of service. This is documented with a network attack vector and ...
CVE-2007-0672
LGSERVER.EXE in BrightStor Mobile Backup 4.0 allows remote attackers to cause a denial of service disk consumption and daemon hang via a value of 0xFFFFFF7F at a certain point in an authentication negotiation packet, which writes a large amount of data to a .USX file in...
CVE-2007-0672
CVE-2007-0672 affects BrightStor Mobile Backup 4.0 (LGSERVER.EXE). A remote attacker can cause a denial of service by sending a crafted authentication packet (value 0xFFFFFF7F), causing excessive writes to a .USX file under CA_BABLDdata\Server\data\transfer\ that leads to disk consumption and dae...
CVE-2007-0673
LGSERVER.EXE in BrightStor ARCserve Backup for Laptops & Desktops r11.1 allows remote attackers to cause a denial of service daemon crash via a value of 0xFFFFFFFF at a certain point in an authentication negotiation packet, which results in an out-of-bounds read...
Computer Associates BrightStor ARCserve Backup LGServer.EXE远程堆缓冲区溢出漏洞
Computer Associates BrightStor ARCserve Backup是一款企业级别的备份解决方案。 BrightStor ARCserve Backup包含的LGSERVER.EXE处理畸形报文存在问题,远程攻击者可以利用漏洞进行堆溢出攻击,可能以进程权限执行任意指令。 所有针对Mobile Backup服务进程LGSERVER.EXE监听在TCP 2200口的报文以"\x4e\x3d\x2c\x1b"序列开头,发送包含\x4e\x3d\x2c\x1b并追加65535字符的字符串可导致进程终止,可能导致任意代码执行。 Computer Associates...
CA BrightStor ARCServe BackUp LGServer远程栈溢出漏洞
BrightStor ARCserve Backup可为各种平台的服务器提供备份和恢复保护功能。 BrightStor ARCserve Backup的LGSERVER.EXE在处理畸形请求数据时存在漏洞,远程攻击者可能利用此漏洞控制服务器。 如果发送给监听于TCP/1900端口上LGSERVER.EXE服务的报文格式如下: ddddddddddxxxxxxxxxxxxxxxxxxxxx 这里dddddddddd是10个字符长0填充的十进制值,等于xxxxxxxxxxxxxxxxxxxxx...
BrightStor ARCserve LGServer buffer overflow
Added: 02/02/2007 CVE: CVE-2007-0449 BID: 22342 OSVDB: 31593 Background BrightStor ARCserve Backup for Laptops and Desktops is an automated backup solution optimized for low-bandwidth, intermittent network connections. Problem A buffer overflow vulnerability in BrightStor ARCserve Backup for...
Remote Unauthenticated Resource Exhaustion CA Mobile BackupService
======= Summary ======= Today: 31 January 2007 Reference: NGS00401 Discover: Mark Litchfield; John Heasman Name: Remote Unauthenticated Resource Exhaustion Mobile BackupService Vendor: Computer Associates Systems Affected: BrightStor ARCserve Backup for Laptops & Desktops r11.1 Risk: Medium Statu...
Remote Unauthenticated Code Execution CA BrightStor ARCserve Backup
======= Summary ======= Today: 31 January 2007 Reference: NGS00404 Discover: Mark Litchfield Name: Remote Unauthenticated Code Execution CA BrightStor ARCserve Backup for Laptops & Desktops Vendor: Computer Associates Systems Affected: BrightStor ARCserve Backup for Laptops & Desktops r11.1 Risk:...
Computer Associates BrightStor ARCserve Backup LGSERVER.EXE stack buffer overflow
Overview Computer Associates BrightStor ARCserve Backup contains a stack buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Computer Associates BrightStor ARCserve Backup products come with a service called LGSERVER.EX...
CVE-2007-0449
CVE-2007-0449 pertains to a stack/heap buffer overflow in LGSERVER.EXE of CA BrightStor ARCserve Backup products. A remote, unauthenticated attacker could send crafted packets to 1900/tcp or 2200/tcp to trigger arbitrary code execution (often with SYSTEM privileges) or cause a DoS. Affected produ...