Arbitrary Code Execution Vulnerability in Multiple EMC Products

EMC VNX2 File OE and others are hybrid storage platforms from EMC Corporation USA. A security vulnerability exists in the SMB server implementation of several EMC products, which can be exploited to execute arbitrary code and read or write files by sending a series of authentication requests...

CVE-2016-0917

The SMB service in EMC VNXe VNXe3200 Operating Environment prior to 3.1.5.8711957 and VNXe3100/3150/3300 Operating Environment prior to 2.4.4.22638, VNX1 File OE before 7.1.80.3, VNX2 File OE before 8.1.9.155, and Celerra all supported versions does not prevent duplicate NTLM challenge-response...