CVE-2007-1785

Published: Mar 31, 2007Modified: Apr 23, 2026

7.1

Vector

AV:N/AC:H/Au:S/C:C/I:C/A:C

Exploitability: 3.9 / Impact: 10.0

Source: NVD

Description

The RPC service in mediasvr.exe in CA BrightStor ARCserve Backup 11.5 SP2 build 4237 allows remote attackers to execute arbitrary code via crafted xdr_handle_t data in RPC packets, which is used in calculating an address for a function call, as demonstrated using the 191 (0xbf) RPC request.

Affected (6)

Products: Broadcom: Brightstor Arcserve Backup · Ca: Brightstor Arcserve Backup

1 product

Brightstor Arcserve Backup

1 product

Brightstor Arcserve Backup

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Broadcom Brightstor Arcserve Backup	Version 11.1
Broadcom Brightstor Arcserve Backup	Version 11.5
Broadcom Brightstor Arcserve Backup	Version 11.5 sp1
Broadcom Brightstor Arcserve Backup	Version 11.5 sp2
Broadcom Brightstor Arcserve Backup	Version 9.01
Ca Brightstor Arcserve Backup	Version 11

References (26)

http://archives.neohapsis.com/archives/fulldisclosure/2007-03/0467.html

Source: cve@mitre.org

http://secunia.com/advisories/24682

Source: cve@mitre.org

Vendor Advisory

http://securityreason.com/securityalert/2509

Source: cve@mitre.org

http://supportconnectw.ca.com/public/storage/infodocs/babmedser-secnotice.asp

Source: cve@mitre.org

http://www.kb.cert.org/vuls/id/151305

Source: cve@mitre.org

US Government Resource

http://www.securityfocus.com/archive/1/464270/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/464343/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/23209

Source: cve@mitre.org

http://www.securitytracker.com/id?1017830

Source: cve@mitre.org

http://www.shirkdog.us/camediasvrremote.py

Source: cve@mitre.org

http://www.shirkdog.us/shk-004.html

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/1161

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/33316

Source: cve@mitre.org

http://archives.neohapsis.com/archives/fulldisclosure/2007-03/0467.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/24682

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://securityreason.com/securityalert/2509

Source: af854a3a-2127-422b-91ae-364da2661108

http://supportconnectw.ca.com/public/storage/infodocs/babmedser-secnotice.asp

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.kb.cert.org/vuls/id/151305

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.securityfocus.com/archive/1/464270/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/464343/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/23209

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1017830

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.shirkdog.us/camediasvrremote.py

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.shirkdog.us/shk-004.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2007/1161

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/33316

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.