Added: 02/01/2013
CVE: CVE-2013-0928
BID: 57472
OSVDB: 89436
EMC AlphaStor is a media lifecycle and tape library management product for enterprise environments.
EMC AlphaStor versions prior to 4.0 Build 800 are vulnerable to remote command injection. The AlphaStor Device Manager (rrobotd.exe
) contains a flaw which could be exploited to inject arbitrary commands via the DCP run command.
Upgrade to version 4.0 build 800 or later.
<http://secunia.com/advisories/51930/>
This exploit was tested against EMC AlphaStor 4.0 build 114 on Windows Server 2003 SP2 English (DEP OptOut) and Windows Server 2008 SP2 (DEP OptOut).
Windows