QwikSec

Security Database

CVE

CWE

Training

CVE-2007-5005

Published: Oct 1, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Directory traversal vulnerability in rxRPC.dll in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allows remote attackers to upload and overwrite arbitrary files via a ..\ (dot dot backslash) sequence in the destination filename argument to sub-function 8 in the rxrReceiveFileFromServer command.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vdb-entry

x_refsource_BID

third-party-advisory

x_refsource_SECUNIA

http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006

x_refsource_CONFIRM

http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35676

x_refsource_CONFIRM

20070921 [CAID 35673, 35674, 35675, 35676, 35677]: CA ARCserve Backup for Laptops and Desktops Multiple Server Vulnerabilities

mailing-list

x_refsource_BUGTRAQ

http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp

x_refsource_CONFIRM

20070920 Multiple Vulnerabilities in CA ARCserve for Laptops & Desktops

third-party-advisory

x_refsource_EEYE

vdb-entry

x_refsource_SECTRACK

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.