CVE-2007-0672 | Vulnerability Database | Aqua Security

LGSERVER.EXE in BrightStor Mobile Backup 4.0 allows remote attackers to cause a denial of service (disk consumption and daemon hang) via a value of 0xFFFFFF7F at a certain point in an authentication negotiation packet, which writes a large amount of data to a .USX file in CA_BABLDdataServerdatatransfer.

Affected Software

Name	Vendor	Start Version	End Version
Brightstor_arcserve_backup_laptops_desktops	Broadcom	11.0 (including)	11.0 (including)
Brightstor_arcserve_backup_laptops_desktops	Broadcom	11.1 (including)	11.1 (including)
Brightstor_arcserve_backup_laptops_desktops	Broadcom	11.1-sp1 (including)	11.1-sp1 (including)
Business_protection_suite	Broadcom	2.0 (including)	2.0 (including)
Desktop_management_suite	Broadcom	11.0 (including)	11.0 (including)
Desktop_management_suite	Broadcom	11.1 (including)	11.1 (including)
Desktop_protection_suite	Broadcom	2.0 (including)	2.0 (including)
Business_protection_suite	Ca	2.0 (including)	2.0 (including)

References

http://supportconnectw.ca.com/public/sams/lifeguard/infodocs/babldimpsec-notice.asp
http://www.securityfocus.com/archive/1/458653/100/0/threaded
http://www.securityfocus.com/bid/22339

NVD	https://nvd.nist.gov/vuln/detail/CVE-2007-0672
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html