Lucene search
SAINT CorporationSAINT:75C9046F511CEA7731E1A6FC2396BD66HistoryJun 16, 2008 - 12:00 a.m.
HP StorageWorks Storage Mirroring DoubleTake.exe encoded authentication overflow
2008-06-1600:00:00
SAINT Corporation
www.saintcorporation.com
9
0.943 High
EPSS
Percentile
99.0%
Added: 06/16/2008
CVE: CVE-2008-1661
OSVDB: 45924
Background
HP StorageWorks is a virtualized storage solution for mid-sized customers.
Problem
A buffer overflow vulnerability in the **DoubleTake.exe** process allows remote attackers to execute arbitrary commands by sending a long, specially crafted encoded authentication request.
Resolution
Download HP StorageWorks Storage Mirroring 4.5 SP2 or 5.0 or higher.
References
<http://archives.neohapsis.com/archives/bugtraq/2008-06/0015.html>
<http://www.zerodayinitiative.com/advisories/ZDI-08-034/>
Limitations
Exploit works on HP StorageWorks Storage Mirroring 4.5.0.1653.
Platforms
Windows
Related
packetstorm
packetstorm
DoubleTake/HP StorageWorks Storage Mirroring Service Authentication Overflow
2009-11-26 00:00:00
hpstorage-meta.txt
2008-06-05 00:00:00
seebug
seebug
HP StorageWorksεε¨ιεθ½―δ»ΆθΏη¨ζ ζΊ’εΊζΌζ΄
2008-06-18 00:00:00
securityvulns
securityvulns
zdi
zdi
prion
prion
Stack overflow
2008-06-04 19:32:00
cve
cve
CVE-2008-1661
2008-06-04 19:32:00
checkpoint_advisories
checkpoint_advisories
saint
saint