5 matches found
EMC AutoStart ftagent Opcode 85 Subcode 33 SQL Injection (CVE-2015-0538)
A remote SQL injection vulnerability exists in EMC AutoStart. The vulnerability is due to insufficient validation of remotely supplied data within the ftagent component. A remote unauthenticated attacker can leverage this vulnerability by sending malicious requests to the ftagent process...
EMC AutoStart ftagent Opcode 83 Subcode 22 SQL Injection (CVE-2015-0538)
A remote SQL injection vulnerability exists in EMC AutoStart. The vulnerability is due to insufficient validation of remotely supplied data within the ftagent component. A remote unauthenticated attacker can leverage this vulnerability by sending malicious requests to the ftagent process...
EMC AutoStart ftagent Remote Command Execution (CVE-2015-0538)
A remote command execution vulnerability exists in EMC AutoStart. The vulnerability is due to insecure communication between the ftagent processes on nodes of an AutoStart cluster. A remote unauthenticated attacker can leverage this vulnerability by sending malicious requests to the ftagent proce...
EMC AutoStart < 5.5.0 HF4 ftAgent Remote Code Execution
The remote host is running a version of the EMC AutoStart ftAgent that is affected by a remote code execution vulnerability due to a failure to communicate securely between nodes. An unauthenticated, remote attacker can exploit this, via specially crafted packets, to execute arbitrary commands on...
CVE-2015-0538
EMC AutoStart ftAgent (ftagent.exe) in 5.4.x and 5.5.x prior to 5.5.0.508 HF4 is affected. The vulnerability enables remote code execution by sending crafted packets to the ftAgent process (notably handling opcode/subcode on TCP port 8045 per ZDI advisories). Root cause is insufficient input vali...