EMC RepliStor Server Service recv() Buffer Overflow Vulnerability
BID:26014
Info
EMC RepliStor Server Service recv() Buffer Overflow Vulnerability
| Bugtraq ID: | 26014 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2007-5323 |
| Remote: | Yes |
| Local: | No |
| Published: | Oct 10 2007 12:00AM |
| Updated: | Oct 11 2007 08:08PM |
| Credit: | Aaron Portnoy of TippingPoint DVLabs is credited with the discovery of this vulnerability. |
| Vulnerable: |
EMC RepliStor 6.1.3 |
| Not Vulnerable: | |
Discussion
EMC RepliStor Server Service recv() Buffer Overflow Vulnerability
EMC RepliStor is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.
A remote attacker may be able to exploit this issue to execute arbitrary code with SYSTEM-level privileges.
This issue affects RepliStor 6.1.3; earlier versions may also be vulnerable.
EMC RepliStor is prone to a remote buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input.
A remote attacker may be able to exploit this issue to execute arbitrary code with SYSTEM-level privileges.
This issue affects RepliStor 6.1.3; earlier versions may also be vulnerable.
Exploit / POC
EMC RepliStor Server Service recv() Buffer Overflow Vulnerability
Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
EMC RepliStor Server Service recv() Buffer Overflow Vulnerability
Solution:
The vendor released updates and a knowledgebase article (emc168869) to address this issue. Please contact the vendor for information on obtaining and apply these updates.
Solution:
The vendor released updates and a knowledgebase article (emc168869) to address this issue. Please contact the vendor for information on obtaining and apply these updates.
References
EMC RepliStor Server Service recv() Buffer Overflow Vulnerability
References:
References:
- RepliStor Homepage (EMC)
- TPTI-07-18 EMC RepliStor Server Heap Overflow Vulnerability (TippingPoint)
- TPTI-07-18: EMC RepliStor Server Heap Overflow Vulnerability (Tipping Point)