ID CVE-2007-6426
Type cve
Reporter NVD
Modified 2011-03-07T22:02:42
Description
Multiple heap-based buffer overflows in EMC RepliStor 6.2 SP2, and possibly earlier versions, allow remote attackers to execute arbitrary code via crafted compressed data.
{"assessment": {"system": "", "name": "", "href": ""}, "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:COMPLETE/A:NONE/"}, "type": "cve", "viewCount": 0, "bulletinFamily": "NVD", "edition": 1, "published": "2008-02-20T19:44:00", "objectVersion": "1.2", "history": [], "title": "CVE-2007-6426", "reporter": "NVD", "hash": "fc9f6d9103da27c182c6e70c432727639e14c0b7fbebc359356df82a39546039", "lastseen": "2016-09-03T09:52:25", "id": "CVE-2007-6426", "scanner": [], "description": "Multiple heap-based buffer overflows in EMC RepliStor 6.2 SP2, and possibly earlier versions, allow remote attackers to execute arbitrary code via crafted compressed data.", "modified": "2011-03-07T22:02:42", "cvelist": ["CVE-2007-6426"], "cpe": ["cpe:/a:emc:replistor:6.2_sp2"], "references": ["http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=664", "http://www.securityfocus.com/archive/1/archive/1/488419/100/0/threaded", "http://www.securityfocus.com/bid/27915", "http://www.securitytracker.com/id?1019457", "http://www.vupen.com/english/advisories/2008/0625"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-6426", "enchantments": {"score": {"value": 7.5, "vector": "NONE", "modified": "2016-09-03T09:52:25"}, "vulnersScore": 7.5}}
{"nessus": [{"lastseen": "2018-09-02T00:02:04", "references": ["http://www.nessus.org/u?dade10b4"], "pluginID": "35467", "description": "According to its version, the installation of EMC RepliStor Server on the remote host is affected by multiple heap overvlow vulnerabilities. By sending a specially crafted request, an unauthorized attacker could execute arbitrary code with SYSTEM level privileges.", "edition": 4, "reporter": "Tenable", "published": "2009-01-27T00:00:00", "title": "EMC RepliStor Multiple Remote Heap Based Buffer Overflows", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Gain a shell remotely", "bulletinFamily": "scanner", "cvelist": ["CVE-2007-6426"], "modified": "2018-07-10T00:00:00", "cpe": [], "id": "EMC_REPLISTOR_MULTIPLE.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=35467", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\nif (NASL_LEVEL < 3207) exit(0);\n\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(35467);\n script_version(\"1.9\");\n\n script_cve_id(\"CVE-2007-6426\");\n script_bugtraq_id(27915);\n\n script_name(english:\"EMC RepliStor Multiple Remote Heap Based Buffer Overflows\");\n script_summary(english:\"Checks version of EMC RepliStor\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote software is affected by multiple vulnerabilities.\" );\n script_set_attribute(attribute:\"description\", value:\n\"According to its version, the installation of EMC RepliStor Server on\nthe remote host is affected by multiple heap overvlow vulnerabilities. \nBy sending a specially crafted request, an unauthorized attacker could\nexecute arbitrary code with SYSTEM level privileges.\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?dade10b4\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to RepliStor 6.1 SP5 / 6.2 SP4 or later.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(119);\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2009/01/27\");\n script_cvs_date(\"Date: 2018/07/10 14:27:33\");\nscript_set_attribute(attribute:\"plugin_type\", value:\"remote\");\nscript_end_attributes();\n\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Gain a shell remotely\");\n script_copyright(english:\"This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.\");\n script_dependencies(\"emc_replistor.nbin\");\n script_require_keys(\"EMC/RepliStor/Version\");\n script_require_ports(7144);\n\n exit(0);\n}\n\nver = get_kb_item(\"EMC/RepliStor/Version\");\nif (!ver) exit(0);\n\nport = 7144;\n\n# Exit on version 6.1 SP5 / 6.2 SP4\n# Version 6.1 SP2 (Build 450b)\n\nmatches = eregmatch(string:ver, pattern:\"^Version ([0-9]+)\\.([0-9]+) (SP([0-9])+ )?\\(Build ([0-9a-z]+)\\)$\");\nif (!isnull(matches))\n{\n ver_major = int(matches[1]);\n ver_minor = int(matches[2]);\n sp = int(matches[4]);\n build = matches[5];\n\n if (\n (ver_major < 6) ||\n (ver_major == 6 && ver_minor == 1 && sp < 5) ||\n (ver_major == 6 && ver_minor == 2 && sp < 4) \n )\n security_hole(port);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:COMPLETE/A:NONE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:28", "references": ["https://vulners.com/securityvulns/securityvulns:doc:19244"], "description": "Multiple security vulnerabilities on TCP/7144 and TCP/7145 traffic parsing.", "edition": 1, "reporter": "BUGTRAQ", "published": "2008-02-22T00:00:00", "title": "EMC Replistor multiple security vulnerabilities", "type": "securityvulns", "enchantments": {"score": {"modified": "2018-08-31T11:09:28", "vector": "NONE", "value": 10.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "RepliStor", "version": "6.2", "operator": "eq"}], "cvelist": ["CVE-2008-6426", "CVE-2007-6426"], "modified": "2008-02-22T00:00:00", "id": "SECURITYVULNS:VULN:8712", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:8712", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:COMPLETE/A:NONE/"}}]}
