Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:6571E9D57503D4ECB5E4D0E59DEF516F
HistorySep 19, 2011 - 12:00 a.m.

EMC Autostart ftAgent Overflow

2011-09-1900:00:00
SAINT Corporation
download.saintcorporation.com
22

7.9 High

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:M/Au:N/C:C/I:C/A:C

0.077 Low

EPSS

Percentile

93.5%

JSON

Added: 09/19/2011
CVE: CVE-2011-2735
BID: 49238
OSVDB: 74597

Background

EMC AutoStart is a cross-platform high-availability clustering solution.

Problem

The Agent Service of EMC AutoStart listens on TCP port 8045 and is vulnerable to a heap overflow when parsing malformed messages with opcode 0x11.

Resolution

Upgrade to EMC AutoStart 5.4.1 or later.

References

<http://www.securityfocus.com/archive/1/519371&gt;
<http://www.siberas.de/advisories/advisories_2011.html&gt;

Limitations

This exploit has been tested against EMC AutoStart 5.4.0 on Windows Server 2003 SP2 English (DEP OptOut) with KB956802 and KB2393802 and Windows Server 2008 SP2 (DEP AlwaysOff).

Platforms

Windows Server 2003
Windows Server 2008

Related

checkpoint_advisories 1
securityvulns 5
prion 1
zdi 3
nessus 1
saint 3
cve 1
checkpoint_advisories
checkpoint_advisories
EMC AutoStart Login Request Stack Buffer Overflow (CVE-2011-2735)
2011-11-01 00:00:00
securityvulns
securityvulns
EMC AutoStart multiple buffer overflows
2011-08-27 00:00:00
ZDI-11-274: EMC Autostart ftAgent Opcode 0x140 Parsing Remote Code Execution Vulnerability
2011-08-27 00:00:00
ZDI-11-275: EMC Autostart ftAgent Opcode 0x11 Parsing Remote Code Execution Vulnerability
2011-08-27 00:00:00
prion
prion
Buffer overflow
2011-08-23 21:55:00
zdi
zdi
EMC Autostart Domain Name Logging Remote Code Execution Vulnerability
2011-08-23 00:00:00
EMC Autostart ftAgent Opcode 0x11 Parsing Remote Code Execution Vulnerability
2011-08-23 00:00:00
EMC Autostart ftAgent Opcode 0x140 Parsing Remote Code Execution Vulnerability
2011-08-23 00:00:00
nessus
nessus
EMC AutoStart ftAgent Multiple Remote Code Execution Vulnerabilities
2011-08-26 00:00:00
saint
saint
EMC Autostart ftAgent Overflow
2011-09-19 00:00:00
EMC Autostart ftAgent Overflow
2011-09-19 00:00:00
EMC Autostart ftAgent Overflow
2011-09-19 00:00:00
cve
cve
CVE-2011-2735
2011-08-23 21:55:00

7.9 High

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:M/Au:N/C:C/I:C/A:C

0.077 Low

EPSS

Percentile

93.5%

JSON
Related for SAINT:6571E9D57503D4ECB5E4D0E59DEF516F
checkpoint_advisories1securityvulns5prion1zdi3nessus1saint3cve1