10 matches found
CVE-2007-0449
CVE-2007-0449 pertains to a stack/heap buffer overflow in LGSERVER.EXE of CA BrightStor ARCserve Backup products. A remote, unauthenticated attacker could send crafted packets to 1900/tcp or 2200/tcp to trigger arbitrary code execution (often with SYSTEM privileges) or cause a DoS. Affected produ...
CVE-2007-5003
CVE-2007-5003 concerns multiple stack-based buffer overflows in CA BrightStor ARCserve Backup for Laptops and Desktops, affecting r11.0 through r11.5. The vulnerability arises in the rxRPC.dll routines rxrLogin (long username and long password) and GetUserInfo (long username), allowing remote att...
CVE-2007-0672
CVE-2007-0672 affects BrightStor Mobile Backup 4.0 (LGSERVER.EXE). A remote attacker can cause a denial of service by sending a crafted authentication packet (value 0xFFFFFF7F), causing excessive writes to a .USX file under CA_BABLDdata\Server\data\transfer\ that leads to disk consumption and dae...
CVE-2007-5005
CVE-2007-5005 affects CA ARCserve Backup for Laptops and Desktops, specifically rxRPC.dll in the rxrReceiveFileFromServer function, with r11.0–r11.5 susceptible. The vulnerability arises from directory traversal using a ..\ sequence in the destination filename, allowing a remote attacker to uploa...
CVE-2007-5006
CA ARCserve Backup for Laptops and Desktops (L&D) versions r11.0–r11.5 are affected by CVE-2007-5006, an authentication-bypass flaw in the LGServer/rxRPC interface over TCP/1900. The vulnerability arises from command handlers that do not verify peer authentication, enabling remote attackers to ad...
CVE-2008-3175
CVE-2008-3175 involves an integer/buffer overflow in the LGServer component (rxRPC.dll) of CA ARCserve Backup for Laptops and Desktops. All versions 11.0–11.5 are affected, with the LGServer service vulnerable to a crafted inbound message that can cause a buffer/underflow and allow a remote attac...
CVE-2008-1328
CVE-2008-1328 is a buffer overflow in the LGServer service of CA ARCserve Backup for Laptops and Desktops (BrightStor ARCserve Backup) that allows remote code execution via long command arguments. Affected versions include r11.0 through r11.5 and Suite 11.1/11.2. Exploitation could grant System-l...
CVE-2007-0673
CVE-2007-0673 affects BrightStor ARCserve Backup for Laptops & Desktops r11.1. LGSERVER.EXE can be remotely triggered to crash the daemon via a crafted 0xFFFFFFFF value during authentication, causing an out-of-bounds read and denial of service. This is documented with a network attack vector and ...
CVE-2008-1329
CVE-2008-1329 affects CA ARCserve Backup for Laptops and Desktops (r11.0–r11.5) and CA Desktop Management Suite 11.x; vulnerability arises from insufficient verification of file uploads in the NetBackup service, allowing remote execution of arbitrary commands. Connected advisories indicate multip...
CVE-2007-5004
CVE-2007-5004 affects CA BrightStor ARCserve Backup for Laptops and Desktops (LGServer) r11.0–r11.5. An integer overflow in processing the authentication password (long username and crafted password) could allow a remote attacker to execute arbitrary code. Connected advisories/SAINT notes indicat...