16 matches found
EUVD-2008-0970
Malware in sbrugna...
EUVD-2008-0969
Malware in sbrugna...
Format string
Format string vulnerability in EMC DiskXtender MediaStor 6.20.060 allows remote authenticated users to execute arbitrary code via a crafted message to the RPC interface...
Stack overflow
Stack-based buffer overflow in the File System Manager for EMC DiskXtender 6.20.060 allows remote authenticated users to execute arbitrary code via a crafted request to the RPC interface...
CVE-2008-0963
Format string vulnerability in EMC DiskXtender MediaStor 6.20.060 allows remote authenticated users to execute arbitrary code via a crafted message to the RPC interface...
CVE-2008-0962
Stack-based buffer overflow in the File System Manager for EMC DiskXtender 6.20.060 allows remote authenticated users to execute arbitrary code via a crafted request to the RPC interface...
CVE-2008-0963
EMC DiskXtender MediaStor 6.20.060 is affected by a format-string vulnerability in the RPC interface (UUID b157b800-aef5-11d3-ae49-00600834c15f). The service passes an unvalidated string to a formatting function, allowing remote authenticated users to execute arbitrary code with the privileges of...
CVE-2008-0962
EMC DiskXtender 6.20.060’s File System Manager is affected by a stack-based buffer overflow in the RPC interface (UUID b157b800-aef5-11d3-ae49-00600834c15f) that can allow remote authenticated users to execute arbitrary code. The vulnerability arises from improper validation of string length in c...
CVE-2008-0962
Stack-based buffer overflow in the File System Manager for EMC DiskXtender 6.20.060 allows remote authenticated users to execute arbitrary code via a crafted request to the RPC interface...
CVE-2008-0963
Format string vulnerability in EMC DiskXtender MediaStor 6.20.060 allows remote authenticated users to execute arbitrary code via a crafted message to the RPC interface...
iDefense Security Advisory 04.09.08: EMC DiskXtender File System Manager Stack Buffer Overflow Vulnerability
iDefense Security Advisory 04.09.08 http://labs.idefense.com/intelligence/vulnerabilities/ Apr 09, 2008 I. BACKGROUND EMC DiskXtender is a data backup and migration suite. It consists of several applications that are used to manage storing large quantities of files across multiple storage devices...
iDefense Security Advisory 04.09.08: EMC DiskXtender MediaStor Format String Vulnerability
iDefense Security Advisory 04.09.08 http://labs.idefense.com/intelligence/vulnerabilities/ Apr 09, 2008 I. BACKGROUND EMC DiskXtender is a data backup and migration suite. It consists of several applications that are used to manage storing large quantities of files across multiple storage devices...
iDefense Security Advisory 04.09.08: EMC DiskXtender Authentication Bypass Vulnerability
iDefense Security Advisory 04.09.08 http://labs.idefense.com/intelligence/vulnerabilities/ Apr 09, 2008 I. BACKGROUND EMC DiskXtender is a data backup and migration suite. It consists of several applications that are used to manage storing large quantities of files across multiple storage devices...
EMC DiskXtender multiple security vulnerabilities
Authentication bypass, buffer overflow, format string vulnerability...
EMC DiskXtender MediaStor组件远程格式串处理漏洞
CVECAN ID: CVE-2008-0963 EMC DiskXtender是一款数据备份、迁移套件。 DiskXtender产品的MediaStor组件在处理UUID为b157b800-aef5-11d3-ae49-00600834c15f的RPC接口上请求时,服务没有正确地验证请求中格式串的内容。由于该格式串直接传送给了格式化函数,因此远程攻击者可以执行格式串攻击,导致以受影响服务的权限执行任意指令。必须要通过认证才能利用这个漏洞。 EMC DiskXtender 6.20.60 EMC --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
EMC DiskXtender默认凭据权限提升漏洞
BUGTRAQ ID: 28727 CVECAN ID: CVE-2008-0961 EMC DiskXtender是一款数据备份、迁移套件。 DiskXtender产品的主要组件包括文件系统管理器、MediaStor和证书服务器,这些组件都会创建可能远程访问的RPC端点。由于认证代码中包含有硬编码的登录和口令凭据,因此远程攻击者可以连接到这些RPC接口并使用这些凭据登录来绕过正常的认证过程,获得对DiskXtender服务器的管理访问。 EMC DiskXtender 6.20.60 EMC --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...