Denial of Service in CA BrightStor ARCserve Backup Services
CVE-2007-0816

Currently unrated

Key Information:

Vendor

Broadcom
Status
Brightstor Arcserve Backup
Vendor
CVE Published:
7 February 2007

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸก Public PoC๐ŸŸฃ EPSS 14%

What is CVE-2007-0816?

The RPC Server service in CA BrightStor ARCserve Backup prior to version 11.5 SP2 is susceptible to a denial of service vulnerability. Remote attackers can exploit this issue through a specially crafted TADDR2UADDR, leading to a null pointer dereference in the catirpc.dll component. This could cause the service to crash, interrupting operations and potentially exposing sensitive data. Organizations using affected versions are advised to apply the necessary patches or updates to mitigate this risk.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2007-0816 - Proof of Concept

References

http://secunia.com/advisories/24512
third-party-advisoryx_refsource_SECUNIA
http://osvdb.org/32989
vdb-entryx_refsource_OSVDB
http://www.vupen.com/english/advisories/2007/0461
vdb-entryx_refsource_VUPEN

EPSS Score

14% chance of being exploited in the next 30 days.

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.