Symantec Veritas Volume Replicator Administrative Service Denial of Service Vulnerability
BID:24160
Info
Symantec Veritas Volume Replicator Administrative Service Denial of Service Vulnerability
| Bugtraq ID: | 24160 |
| Class: | Input Validation Error |
| CVE: |
CVE-2007-1593 |
| Remote: | Yes |
| Local: | No |
| Published: | May 28 2007 12:00AM |
| Updated: | Jun 04 2007 04:00PM |
| Credit: | CIRT.DK is credited with the discovery of this vulnerability. |
| Vulnerable: |
Symantec Veritas Volume Replicator for Windows 4.3MP1 Symantec Veritas Volume Replicator for Windows 4.3 Symantec Veritas Volume Replicator for Windows 4.2RP2 Symantec Veritas Volume Replicator for Windows 4.2RP1 Symantec Veritas Volume Replicator for Windows 4.2 Symantec Veritas Volume Replicator for Windows 4.1RP1 Symantec Veritas Volume Replicator for Windows 4.1 Symantec Veritas Volume Replicator for Windows 3.1 Symantec Veritas Volume Replicator for Unix 5.0 Symantec Veritas Volume Replicator for Unix 4.1 Symantec Veritas Volume Replicator for Unix 4.0 Symantec Veritas Volume Replicator for Unix 3.5 |
| Not Vulnerable: | |
Discussion
Symantec Veritas Volume Replicator Administrative Service Denial of Service Vulnerability
Symantec Veritas Volume Replicator is prone to a denial-of-service vulnerability because the application fails to sufficiently sanitize user-supplied input.
An attacker can exploit this issue to consume excessive resources, denying service to legitimate users. The attack may also affect the underlying operating system.
Symantec Veritas Volume Replicator is prone to a denial-of-service vulnerability because the application fails to sufficiently sanitize user-supplied input.
An attacker can exploit this issue to consume excessive resources, denying service to legitimate users. The attack may also affect the underlying operating system.
Exploit / POC
Symantec Veritas Volume Replicator Administrative Service Denial of Service Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
Symantec Veritas Volume Replicator Administrative Service Denial of Service Vulnerability
Solution:
The vendor released fixes and an advisory to address this issue. Please see the references for more information.
Solution:
The vendor released fixes and an advisory to address this issue. Please see the references for more information.
References
Symantec Veritas Volume Replicator Administrative Service Denial of Service Vulnerability
References:
References:
- Symantec VERITAS Storage Foundation Administration Service DoS Vulnerability (iDefense )
- Veritas Volume Replicator Homepage (Symantec)
- iDefense Security Advisory 06.01.07: Symantec VERITAS Storage Foundation ([email protected])
- SYM07-010: Symantec Storage Foundation Solutions Suites: Veritas Volume Replicat (Symantec)