Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiAnonymousZDI-09-068
HistoryApr 07, 2009 - 12:00 a.m.

EMC RepliStor Server Service DoASOCommand Remote Code Execution Vulnerability

2009-04-0700:00:00
Anonymous
www.zerodayinitiative.com
13

EPSS

0.067

Percentile

93.9%

JSON

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC RepliStor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DoRcvRpcCall RPC function exposed via the rep_srv.exe process which listens by default on TCP port 7144. The function responsible for handling opcode 36 calls CreateProcessW with user-supplied arguments. A malicious attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.

Related

cve 1
prion 1
cvelist 1
nvd 1
cve
cve
CVE-2009-1120
2020-01-15 18:15:11
prion
prion
Remote code execution
2020-01-15 18:15:00
cvelist
cvelist
CVE-2009-1120
2020-01-15 17:19:19
nvd
nvd
CVE-2009-1120
2020-01-15 18:15:11

EPSS

0.067

Percentile

93.9%

JSON
Related for ZDI-09-068
cve1prion1cvelist1nvd1