Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiAnonymousZDI-08-076
HistoryNov 20, 2008 - 12:00 a.m.

EMC Control Center SST_SENDFILE Remote File Retrieval Vulnerability

2008-11-2000:00:00
Anonymous
www.zerodayinitiative.com
11

EPSS

0.036

Percentile

91.7%

JSON

This vulnerability allows remote attackers to retrieve arbitrary files on systems with vulnerable installations of EMC Control Center. Authentication is not required to exploit this vulnerability. The specific flaw exists in the Master Agent service (msragent.exe) which listens by default on TCP port 10444. While processing SST_SENDFILE requests the service does not validate the requestor allowing any remote attacker to download arbitrary files.

Related

prion 1
cvelist 1
cve 1
nvd 1
prion
prion
Design/Logic Flaw
2008-12-10 14:00:00
cvelist
cvelist
CVE-2008-5420
2008-12-10 13:33:00
cve
cve
CVE-2008-5420
2008-12-10 14:00:01
nvd
nvd
CVE-2008-5420
2008-12-10 14:00:01

EPSS

0.036

Percentile

91.7%

JSON
Related for ZDI-08-076
prion1cvelist1cve1nvd1