Vulnerability Details CVE-2007-0672
LGSERVER.EXE in BrightStor Mobile Backup 4.0 allows remote attackers to cause a denial of service (disk consumption and daemon hang) via a value of 0xFFFFFF7F at a certain point in an authentication negotiation packet, which writes a large amount of data to a .USX file in CA_BABLDdata\Server\data\transfer\.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 75.7%
CVSS Severity
CVSS v2 Score 7.8
References
- http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp
- http://www.securityfocus.com/archive/1/458653/100/0/threaded
- http://www.securityfocus.com/bid/22339
- http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp
- http://www.securityfocus.com/archive/1/458653/100/0/threaded
- http://www.securityfocus.com/bid/22339
Products affected by CVE-2007-0672
-
cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.0
-
cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1
-
cpe:2.3:a:broadcom:business_protection_suite:2.0
-
cpe:2.3:a:broadcom:desktop_management_suite:11.0
-
cpe:2.3:a:broadcom:desktop_management_suite:11.1
-
cpe:2.3:a:broadcom:desktop_protection_suite:2.0
-
cpe:2.3:a:ca:business_protection_suite:2.0