Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:3159
HistoryApr 13, 2008 - 12:00 a.m.

EMC DiskXtender MediaStor组件远程格式串处理漏洞

2008-04-1300:00:00
Root
www.seebug.org
24

0.018 Low

EPSS

Percentile

86.8%

JSON

CVE(CAN) ID: CVE-2008-0963

EMC DiskXtender是一款数据备份、迁移套件。

DiskXtender产品的MediaStor组件在处理UUID为b157b800-aef5-11d3-ae49-00600834c15f的RPC接口上请求时,服务没有正确地验证请求中格式串的内容。由于该格式串直接传送给了格式化函数,因此远程攻击者可以执行格式串攻击,导致以受影响服务的权限执行任意指令。必须要通过认证才能利用这个漏洞。

EMC DiskXtender 6.20.60
EMC

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

<a href=“http://software.emc.com/products/product_family/diskxtender_family.htm” target=“_blank”>http://software.emc.com/products/product_family/diskxtender_family.htm</a>

Related

prion 1
securityvulns 2
cve 1
prion
prion
Format string
2008-04-14 16:05:00
securityvulns
securityvulns
iDefense Security Advisory 04.09.08: EMC DiskXtender MediaStor Format String Vulnerability
2008-04-14 00:00:00
EMC DiskXtender multiple security vulnerabilities
2008-04-14 00:00:00
cve
cve
CVE-2008-0963
2008-04-14 16:05:00

0.018 Low

EPSS

Percentile

86.8%

JSON
Related for SSV:3159
prion1securityvulns2cve1