{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-09-21T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple stack-based buffer overflows in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allow remote attackers to execute arbitrary code via a long (1) username or (2) password to the rxrLogin command in rxRPC.dll, or a long (3) username argument to the GetUserInfo function."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "24348", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/24348"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35674"}, {"name": "25606", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25606"}, {"name": "20070920 CA ARCServe Backup for Laptops and Desktops Multiple Buffer Overflow Vulnerabilities", "tags": ["third-party-advisory", "x_refsource_IDEFENSE"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"}, {"name": "20070921 [CAID 35673, 35674, 35675, 35676, 35677]: CA ARCserve Backup for Laptops and Desktops Multiple Server Vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"}, {"name": "20070920 Multiple Vulnerabilities in CA ARCserve for Laptops & Desktops", "tags": ["third-party-advisory", "x_refsource_EEYE"], "url": "http://research.eeye.com/html/advisories/published/AD20070920.html"}, {"name": "1018728", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1018728"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-5003", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple stack-based buffer overflows in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allow remote attackers to execute arbitrary code via a long (1) username or (2) password to the rxrLogin command in rxRPC.dll, or a long (3) username argument to the GetUserInfo function."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "24348", "refsource": "BID", "url": "http://www.securityfocus.com/bid/24348"}, {"name": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35674", "refsource": "CONFIRM", "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35674"}, {"name": "25606", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25606"}, {"name": "20070920 CA ARCServe Backup for Laptops and Desktops Multiple Buffer Overflow Vulnerabilities", "refsource": "IDEFENSE", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599"}, {"name": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006", "refsource": "CONFIRM", "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"}, {"name": "20070921 [CAID 35673, 35674, 35675, 35676, 35677]: CA ARCserve Backup for Laptops and Desktops Multiple Server Vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"}, {"name": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp", "refsource": "CONFIRM", "url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"}, {"name": "20070920 Multiple Vulnerabilities in CA ARCserve for Laptops & Desktops", "refsource": "EEYE", "url": "http://research.eeye.com/html/advisories/published/AD20070920.html"}, {"name": "1018728", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1018728"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T15:17:28.199Z"}, "title": "CVE Program Container", "references": [{"name": "24348", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/24348"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35674"}, {"name": "25606", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25606"}, {"name": "20070920 CA ARCServe Backup for Laptops and Desktops Multiple Buffer Overflow Vulnerabilities", "tags": ["third-party-advisory", "x_refsource_IDEFENSE", "x_transferred"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"}, {"name": "20070921 [CAID 35673, 35674, 35675, 35676, 35677]: CA ARCserve Backup for Laptops and Desktops Multiple Server Vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"}, {"name": "20070920 Multiple Vulnerabilities in CA ARCserve for Laptops & Desktops", "tags": ["third-party-advisory", "x_refsource_EEYE", "x_transferred"], "url": "http://research.eeye.com/html/advisories/published/AD20070920.html"}, {"name": "1018728", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1018728"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-5003", "datePublished": "2007-10-01T20:00:00", "dateReserved": "2007-09-20T00:00:00", "dateUpdated": "2024-08-07T15:17:28.199Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:4.0:*:*:*:*:*:*:*", "matchCriteriaId": "261A513C-CBD4-4A1C-B58A-A9005774EC87", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "4FB993B2-9A44-40E2-AA05-0CAD04BDC26D", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:*:*:*:*:*:*:*", "matchCriteriaId": "C7461AE5-2067-4964-93B7-560CD02CEAC8", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.1:sp1:*:*:*:*:*:*", "matchCriteriaId": "9DAE8E8B-7FD6-43CB-B07A-6D3B31E94DC9", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:brightstor_arcserve_backup_laptops_desktops:11.5:*:*:*:*:*:*:*", "matchCriteriaId": "7B9C97C1-D295-4A84-B179-3FDF51DE1DD9", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:desktop_management_suite:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "237F2346-0B9B-4CE8-8EF9-813CB3F1BC1B", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:desktop_management_suite:11.1:*:*:*:*:*:*:*", "matchCriteriaId": "22268F99-2F38-481D-A0CC-B1FC96FDB953", "vulnerable": true}, {"criteria": "cpe:2.3:a:broadcom:desktop_management_suite:11.2:*:*:*:*:*:*:*", "matchCriteriaId": "E6195AFF-0039-4F48-9E02-ACE8CF052EA8", "vulnerable": true}, {"criteria": "cpe:2.3:a:ca:protection_suites:r2:*:*:*:*:*:*:*", "matchCriteriaId": "47C10BA4-B241-4F65-8FA1-AD88266C03B0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple stack-based buffer overflows in CA (Computer Associates) BrightStor ARCserve Backup for Laptops and Desktops r11.0 through r11.5 allow remote attackers to execute arbitrary code via a long (1) username or (2) password to the rxrLogin command in rxRPC.dll, or a long (3) username argument to the GetUserInfo function."}, {"lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer basado en pila en CA (Computer Associates) BrightStor ARCserve Backup para Port\u00e1til y Sobremesa r11.0 hasta r11.5 permiten a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un (1) nombre de usuario \u00f3 (2) contrase\u00f1a largos en el comando rxrLogin de rxRPC.dll, \u00f3 un (3) argumento nombre de usuario largo en la funci\u00f3n GetUserInfo."}], "id": "CVE-2007-5003", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-10-01T20:17:00.000", "references": [{"source": "cve@mitre.org", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599"}, {"source": "cve@mitre.org", "url": "http://research.eeye.com/html/advisories/published/AD20070920.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/25606"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35674"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/24348"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1018728"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://research.eeye.com/html/advisories/published/AD20070920.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/25606"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/caarcservebld-securitynotice.asp"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=156006"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.ca.com/us/securityadvisor/vulninfo/vuln.aspx?id=35674"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/480252/100/100/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/24348"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1018728"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}