ZDI-11-061: EMC Replication Manager Client irccd.exe Remote Code Execution Vulnerability

ZDI-11-061: EMC Replication Manager Client irccd.exe Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-061 February 7, 2011 -- CVE ID: CVE-2011-0647 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: EMC -- Affected Products: EMC Replication Manager ...

CVE-2011-0647

The irccd.exe service in EMC Replication Manager Client before 5.3 and NetWorker Module for Microsoft Applications 2.1.x and 2.2.x allows remote attackers to execute arbitrary commands via the RunProgram function to TCP port 6542...

Design/Logic Flaw

The irccd.exe service in EMC Replication Manager Client before 5.3 and NetWorker Module for Microsoft Applications 2.1.x and 2.2.x allows remote attackers to execute arbitrary commands via the RunProgram function to TCP port 6542...

CVE-2011-0647

CVE-2011-0647 is a remote code execution vulnerability in EMC Replication Manager (embedded in NetWorker Module for Microsoft Applications) prior to version 5.3. The irccd.exe service exposes TCP port 6542 and accepts commands via an XML-based RunProgram function; an attacker can execute arbitrar...

CVE-2011-0647

The irccd.exe service in EMC Replication Manager Client before 5.3 and NetWorker Module for Microsoft Applications 2.1.x and 2.2.x allows remote attackers to execute arbitrary commands via the RunProgram function to TCP port 6542...

(0Day) EMC Replication Manager Client irccd.exe Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the EMC Replication Manager Client. Authentication is not required to exploit this vulnerability. The Replication Manager client installs a service binds the irccd.exe process to TCP port 6542. Thi...

CVE-2011-0497

CVE-2011-0497 —Directory traversal vulnerability in Sybase EAServer 6.x before 6.3 ESD#2, used in Appeon, Replication Server Messaging Edition (RSME), and WorkSpace. A crafted request can trigger directory traversal via the sequence "../\" to read arbitrary files. The issue is remote and network-...

CVE-2010-3984

CVE-2010-3984 is a buffer overflow flaw in CA XOsoft/ARCserve components (mng_core_com.dll) exploited via crafted create_session_bab SOAP requests to xosoapapi.asmx. Affected products include XOsoft Replication (r12.0 SP1, r12.5 SP2 rollups), XOsoft High Availability (r12.0 SP1, r12.5 SP2 rollups...

CVE-2010-3984

Buffer overflow in mngcorecom.dll in CA XOsoft Replication r12.0 SP1 and r12.5 SP2 rollup, CA XOsoft High Availability r12.0 SP1 and r12.5 SP2 rollup, CA XOsoft Content Distribution r12.0 SP1 and r12.5 SP2 rollup, and CA ARCserve Replication and High Availability RHA r15.0 SP1 allows remote...

CVE-2010-3783

Password Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly perform replication, which allows remote authenticated users to bypass verification of the current password via unspecified vectors...

MySQL Community Server < 5.1.51 Multiple Vulnerabilities

The version of MySQL Community Server installed on the remote host is earlier than 5.1.51 and is, therefore, potentially affected by multiple vulnerabilities: - A privilege escalation vulnerability exists when using statement-based replication. Version specific comments used on a master server wi...

MySQL Community Server 5.1 < 5.1.51 Multiple Denial of Service Vulnerabilities

Binary data 5677.prm...

Fedora Update for couchdb FEDORA-2010-13665

Check for the Version of couchdb OpenVAS Vulnerability Test Fedora Update for couchdb FEDORA-2010-13665 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

[SECURITY] Fedora 13 Update: couchdb-0.11.2-2.fc13

Apache CouchDB is a distributed, fault-tolerant and schema-free document-oriented database accessible via a RESTful HTTP/JSON API. Among other features, it provides robust, incremental replication with bi-directional conflict detection and resolution, and is queryable and indexable using a...

[SECURITY] Fedora 12 Update: couchdb-0.11.2-2.fc12

Apache CouchDB is a distributed, fault-tolerant and schema-free document-oriented database accessible via a RESTful HTTP/JSON API. Among other features, it provides robust, incremental replication with bi-directional conflict detection and resolution, and is queryable and indexable using a...

openSUSE Security Update : libldap-2_4-2 (openSUSE-SU-2010:0546-1)

The following issues have been fixed in OpenLDAP: specially crafted MODRDN operations can crash the OpenLDAP server CVE-2010-0211 and CVE-2010-0212. also fixed was following bug : - Delete Operations happening during the 'Refresh' phase of 'refreshAndPersist' replication failed to replicate under...

Design/Logic Flaw

Unspecified vulnerability on Cisco Adaptive Security Appliances ASA 5580 series devices with software before 8.12 allows remote authenticated users to cause a denial of service console hang via a login action during failover replication, aka Bug ID CSCsq80095...

Fedora Update for couchdb FEDORA-2010-8298

Check for the Version of couchdb OpenVAS Vulnerability Test Fedora Update for couchdb FEDORA-2010-8298 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

[SECURITY] Fedora 13 Update: couchdb-0.10.2-1.fc13

Apache CouchDB is a distributed, fault-tolerant and schema-free document-oriented database accessible via a RESTful HTTP/JSON API. Among other features, it provides robust, incremental replication with bi-directional conflict detection and resolution, and is queryable and indexable using a...

[SECURITY] Fedora 12 Update: couchdb-0.10.2-1.fc12

Apache CouchDB is a distributed, fault-tolerant and schema-free document-oriented database accessible via a RESTful HTTP/JSON API. Among other features, it provides robust, incremental replication with bi-directional conflict detection and resolution, and is queryable and indexable using a...