CVE-2007-0672

5 documents4 sources

Severity

7.8HIGH

EPSS

1.4%

top 19.85%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

5

Broadcom Brightstor Arcserve Backup Laptops Desktops Broadcom Business Protection Suite Broadcom Desktop Management Suite +2 more

Timeline

PublishedFeb 3

Latest updateMay 1

Description

LGSERVER.EXE in BrightStor Mobile Backup 4.0 allows remote attackers to cause a denial of service (disk consumption and daemon hang) via a value of 0xFFFFFF7F at a certain point in an authentication negotiation packet, which writes a large amount of data to a .USX file in CA_BABLDdata\Server\data\transfer\.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 10.0 | Impact: 6.9

Affected Packages5 packages

▶NVDbroadcom/brightstor_arcserve_backup_laptops_desktops11.0, 11.1+1

▶NVDca/business_protection_suite2.0

▶NVDbroadcom/desktop_management_suite11.0, 11.1+1

▶NVDbroadcom/desktop_protection_suite2.0

▶NVDbroadcom/business_protection_suite2.0

Patches

Patch: supportconnectw.ca.com ↗Patch: www.securityfocus.com ↗Patch: supportconnectw.ca.com ↗

🔴Vulnerability Details

2

GHSA

GHSA-9wv4-24w7-q589: LGSERVER↗2022-05-01

▶

CVEList

CVE-2007-0672: LGSERVER↗2007-02-03

▶

💬Community

2

Bugzilla

CVE-2007-1217 Kernel: CAPI overflow↗2007-11-28

▶

Bugzilla

CVE-2006-6058 minix_bmap denial of service↗2006-11-23

▶

CVE-2007-0672 (HIGH CVSS 7.8) | LGSERVER.EXE in BrightStor Mobile B | cvebase.io