BrightStor ARCserve Backup LGServer rxrLogin buffer overflow
Added: 11/01/2007CVE: CVE-2007-5003
BID: 24348
OSVDB: 41353
Background
BrightStor ARCserve Backup for Laptops and Desktops is an automated backup solution optimized for low-bandwidth, intermittent network connections.Problem
A buffer overflow vulnerability in the rxrLogin function allows remote attackers to execute arbitrary commands by sending a specially crafted request to the LGServer on port 1900.Resolution
Install one of the patches referenced in the security notice.References
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=599Limitations
Exploit works on BrightStor ARCserve Backup for Laptops and Desktops 11.1 SP2.Platforms
Windows 2000Windows Server 2003
Back to exploit index