CVE-2007-0672
published 2007-02-03
Priority P431 · high · 7.8 (CVSS 2.0)
AV:N/AC:L/Au:N/C:N/I:N/A:C
EPSS 2.66% (83.8th percentile)
LGSERVER.EXE in BrightStor Mobile Backup 4.0 allows remote attackers to cause a denial of service (disk consumption and daemon hang) via a value of 0xFFFFFF7F at a certain point in an authentication negotiation packet, which writes a large amount of data to a .USX file in CA_BABLDdata\Server\data\transfer\.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| broadcom | brightstor_arcserve_backup_laptops_desktops | — | — |
| broadcom | brightstor_arcserve_backup_laptops_desktops | — | — |
| broadcom | business_protection_suite | — | — |
| broadcom | desktop_management_suite | — | — |
| broadcom | desktop_management_suite | — | — |
| broadcom | desktop_protection_suite | — | — |
| ca | business_protection_suite | — | — |
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2007-1217 Kernel: CAPI overflow
bugzilla·2007-11-28·CVSS 6.9·MEDIUM
Description of problem:
Buffer overflow in the bufprint function in capiutil.c in libcapi, as used in
Linux kernel 2.6.9 to 2.6.20 and isdn4k-utils, allows local users to cause a
denial of service (crash) and possibly gain privileges via a crafted CAPI
packet.
This issue is public via:
http://bugs.gentoo.org/show_bug.cgi?id=170867
The reporter (Sune Kloppenborg Jeppesen) did not attach
a patch :o(.
Discussion:
This was addressed via:
Red Hat Enterprise Linux version 3 (RHSA-2007:0671)
Red Hat Enterprise Linux version 2.1 (RHSA-2007:0672)
Red Hat Linux Advanced Workstation 2.1 (RHSA-2007:0673)
Red Hat Enterprise Linux version 5 (RHSA-2007:0705)
Red Hat Enterprise Linux version 4 (RHSA-2007:0774)
Bugzilla
CVE-2006-6058 minix_bmap denial of service
bugzilla·2006-11-23·CVSS 4.0·MEDIUM
From MOKB-17-11-2006:
http://projects.info-pull.com/mokb/MOKB-17-11-2006.html
The minix filesystem code fails to properly handle corrupted data structures,
leading to an exploitable denial of service issue when a crafted fs stream is
being mounted.
This also affects 2.4 kernels.
Discussion:
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.
http://rhn.redhat.com/errata/RHSA-2007-0672.html
http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp
http://www.securityfocus.com/archive/1/458653/100/0/threaded
http://www.securityfocus.com/bid/22339