Vulnerability Description
LGSERVER.EXE in BrightStor Mobile Backup 4.0 allows remote attackers to cause a denial of service (disk consumption and daemon hang) via a value of 0xFFFFFF7F at a certain point in an authentication negotiation packet, which writes a large amount of data to a .USX file in CA_BABLDdata\Server\data\transfer\.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Broadcom | Brightstor Arcserve Backup Laptops Desktops | 11.0 |
| Broadcom | Business Protection Suite | 2.0 |
| Broadcom | Desktop Management Suite | 11.0 |
| Broadcom | Desktop Protection Suite | 2.0 |
| Ca | Business Protection Suite | 2.0 |
References
- http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.Patch
- http://www.securityfocus.com/archive/1/458653/100/0/threaded
- http://www.securityfocus.com/bid/22339Patch
- http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.Patch
- http://www.securityfocus.com/archive/1/458653/100/0/threaded
- http://www.securityfocus.com/bid/22339Patch
FAQ
What is CVE-2007-0672?
CVE-2007-0672 is a vulnerability with a CVSS score of 7.8 (HIGH). LGSERVER.EXE in BrightStor Mobile Backup 4.0 allows remote attackers to cause a denial of service (disk consumption and daemon hang) via a value of 0xFFFFFF7F at a certain point in an authentication n...
How severe is CVE-2007-0672?
CVE-2007-0672 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-0672?
Check the references section above for vendor advisories and patch information. Affected products include: Broadcom Brightstor Arcserve Backup Laptops Desktops, Broadcom Business Protection Suite, Broadcom Desktop Management Suite, Broadcom Desktop Protection Suite, Ca Business Protection Suite.