Description
(1) caloggerd.exe (camt70.dll) and (2) mediasvr.exe (catirpc.dll and rwxdr.dll) in CA BrightStor Backup 11.5.2.0 SP2 allow remote attackers to cause a denial of service (NULL dereference and application crash) via a crafted RPC packet.
Affected products
- ca / brightstor_arcserve_backup11.5.2.0 – 11.5.2.0
References
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/34319
- MISChttp://osvdb.org/35328
- MISChttp://www.securitytracker.com/id?1018076
- VENDOR_ADVISORYhttp://secunia.com/advisories/25300
- MISChttp://osvdb.org/35327
- EXPLOIThttps://www.exploit-db.com/exploits/3939
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/34322
- MISChttp://supportconnectw.ca.com/public/storage/infodocs/babmedservul-secnotice.asp
- EXPLOIThttps://www.exploit-db.com/exploits/3940
- MISChttp://securityreason.com/securityalert/2727
- MISChttp://www.securityfocus.com/archive/1/468784/100/0/threaded
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2007/1849