Back to search
CVE-2007-1785
Published: Mar 31, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
The RPC service in mediasvr.exe in CA BrightStor ARCserve Backup 11.5 SP2 build 4237 allows remote attackers to execute arbitrary code via crafted xdr_handle_t data in RPC packets, which is used in calculating an address for a function call, as demonstrated using the 191 (0xbf) RPC request.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
1017830
vdb-entry
x_refsource_SECTRACK
http://www.shirkdog.us/shk-004.html
x_refsource_MISC
20070329 CA Brightstor Backup Mediasvr.exe Remote Code Vulnerability
mailing-list
x_refsource_FULLDISC
http://www.shirkdog.us/camediasvrremote.py
x_refsource_MISC
brightstor-mediasvr-bo(33316)
vdb-entry
x_refsource_XF
24682
third-party-advisory
x_refsource_SECUNIA
VU#151305
third-party-advisory
x_refsource_CERT-VN
23209
vdb-entry
x_refsource_BID
2509
third-party-advisory
x_refsource_SREASON
20070331 CA BrightStor ARCserve Backup Mediasvr.exe vulnerability
mailing-list
x_refsource_BUGTRAQ
20070330 CA Brightstor Backup Mediasvr.exe Remote Code Vulnerability
mailing-list
x_refsource_BUGTRAQ
ADV-2007-1161
vdb-entry
x_refsource_VUPEN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now