Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
11 vulnerabilities found for replistor by emc
VAR-202001-0004
Vulnerability from variot - Updated: 2023-12-18 13:33EMC RepliStor Server Service before ESA-09-003 has a DoASOCommand Remote Code Execution Vulnerability. The flaw exists within the DoRcvRpcCall RPC function -exposed via the rep_srv.exe process- where the vulnerability is caused by an error when the rep_srv.exe handles a specially crafted packet sent by an unauthenticated attacker. EMC RepliStor Server Service Contains an unspecified vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. The function responsible for handling opcode 36 calls CreateProcessW with user-supplied arguments. A malicious attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202001-0004",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "emc replistor",
"scope": "lt",
"trust": 1.0,
"vendor": "dell",
"version": "esa-09-003"
},
{
"model": "replistor",
"scope": "lt",
"trust": 0.8,
"vendor": "dell emc old emc",
"version": "esa-09-003"
},
{
"model": "replistor",
"scope": null,
"trust": 0.7,
"vendor": "emc",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-09-068"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-006645"
},
{
"db": "NVD",
"id": "CVE-2009-1120"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:dell:emc_replistor:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "esa-09-003",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-1120"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Anonymous",
"sources": [
{
"db": "ZDI",
"id": "ZDI-09-068"
}
],
"trust": 0.7
},
"cve": "CVE-2009-1120",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2009-1120",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-38566",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2009-1120",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2009-1120",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-202001-786",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-38566",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-38566"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-006645"
},
{
"db": "NVD",
"id": "CVE-2009-1120"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-786"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "EMC RepliStor Server Service before ESA-09-003 has a DoASOCommand Remote Code Execution Vulnerability. The flaw exists within the DoRcvRpcCall RPC function -exposed via the rep_srv.exe process- where the vulnerability is caused by an error when the rep_srv.exe handles a specially crafted packet sent by an unauthenticated attacker. EMC RepliStor Server Service Contains an unspecified vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. The function responsible for handling opcode 36 calls CreateProcessW with user-supplied arguments. A malicious attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-1120"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-006645"
},
{
"db": "ZDI",
"id": "ZDI-09-068"
},
{
"db": "VULHUB",
"id": "VHN-38566"
}
],
"trust": 2.34
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2009-1120",
"trust": 3.2
},
{
"db": "ZDI",
"id": "ZDI-09-068",
"trust": 3.2
},
{
"db": "JVNDB",
"id": "JVNDB-2009-006645",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-452",
"trust": 0.7
},
{
"db": "CNNVD",
"id": "CNNVD-202001-786",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-38566",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-09-068"
},
{
"db": "VULHUB",
"id": "VHN-38566"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-006645"
},
{
"db": "NVD",
"id": "CVE-2009-1120"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-786"
}
]
},
"id": "VAR-202001-0004",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-38566"
}
],
"trust": 0.01
},
"last_update_date": "2023-12-18T13:33:13.544000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.emc.com/"
},
{
"title": "EMC RepliStor Server Service Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=107114"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-006645"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-786"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2009-1120"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.zerodayinitiative.com/advisories/zdi-09-068/"
},
{
"trust": 1.7,
"url": "https://fortiguard.com/encyclopedia/ips/17967/emc-replistor-server-service-doasocommand-code-execution"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1120"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1120"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-38566"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-006645"
},
{
"db": "NVD",
"id": "CVE-2009-1120"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-786"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-09-068"
},
{
"db": "VULHUB",
"id": "VHN-38566"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-006645"
},
{
"db": "NVD",
"id": "CVE-2009-1120"
},
{
"db": "CNNVD",
"id": "CNNVD-202001-786"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-04-07T00:00:00",
"db": "ZDI",
"id": "ZDI-09-068"
},
{
"date": "2020-01-15T00:00:00",
"db": "VULHUB",
"id": "VHN-38566"
},
{
"date": "2020-02-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-006645"
},
{
"date": "2020-01-15T18:15:11.447000",
"db": "NVD",
"id": "CVE-2009-1120"
},
{
"date": "2020-01-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202001-786"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2009-04-07T00:00:00",
"db": "ZDI",
"id": "ZDI-09-068"
},
{
"date": "2020-01-24T00:00:00",
"db": "VULHUB",
"id": "VHN-38566"
},
{
"date": "2020-02-06T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-006645"
},
{
"date": "2020-01-24T18:38:11.660000",
"db": "NVD",
"id": "CVE-2009-1120"
},
{
"date": "2021-01-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202001-786"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "EMC RepliStor Server Service Vulnerability in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-006645"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "other",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202001-786"
}
],
"trust": 0.6
}
}
CVE-2009-1120 (GCVE-0-2009-1120)
Vulnerability from cvelistv5 – Published: 2020-01-15 17:19 – Updated: 2024-08-07 05:04
VLAI
Summary
EMC RepliStor Server Service before ESA-09-003 has a DoASOCommand Remote Code Execution Vulnerability. The flaw exists within the DoRcvRpcCall RPC function -exposed via the rep_srv.exe process- where the vulnerability is caused by an error when the rep_srv.exe handles a specially crafted packet sent by an unauthenticated attacker.
Severity
No CVSS data available.
CWE
- Other
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.zerodayinitiative.com/advisories/ZDI-09-068/ | x_refsource_MISC |
| https://fortiguard.com/encyclopedia/ips/17967/emc… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:48.237Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-068/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://fortiguard.com/encyclopedia/ips/17967/emc-replistor-server-service-doasocommand-code-execution"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "RepliStor",
"vendor": "EMC",
"versions": [
{
"status": "affected",
"version": "before ESA-09-003"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "EMC RepliStor Server Service before ESA-09-003 has a DoASOCommand Remote Code Execution Vulnerability. The flaw exists within the DoRcvRpcCall RPC function -exposed via the rep_srv.exe process- where the vulnerability is caused by an error when the rep_srv.exe handles a specially crafted packet sent by an unauthenticated attacker."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Other",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-15T17:19:19.000Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-068/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://fortiguard.com/encyclopedia/ips/17967/emc-replistor-server-service-doasocommand-code-execution"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"ID": "CVE-2009-1120",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "RepliStor",
"version": {
"version_data": [
{
"version_value": "before ESA-09-003"
}
]
}
}
]
},
"vendor_name": "EMC"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "EMC RepliStor Server Service before ESA-09-003 has a DoASOCommand Remote Code Execution Vulnerability. The flaw exists within the DoRcvRpcCall RPC function -exposed via the rep_srv.exe process- where the vulnerability is caused by an error when the rep_srv.exe handles a specially crafted packet sent by an unauthenticated attacker."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-09-068/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-068/"
},
{
"name": "https://fortiguard.com/encyclopedia/ips/17967/emc-replistor-server-service-doasocommand-code-execution",
"refsource": "MISC",
"url": "https://fortiguard.com/encyclopedia/ips/17967/emc-replistor-server-service-doasocommand-code-execution"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2009-1120",
"datePublished": "2020-01-15T17:19:19.000Z",
"dateReserved": "2009-03-25T00:00:00.000Z",
"dateUpdated": "2024-08-07T05:04:48.237Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-3744 (GCVE-0-2009-3744)
Vulnerability from cvelistv5 – Published: 2009-10-22 15:26 – Updated: 2024-08-07 06:38
VLAI
Summary
rep_serv.exe 6.3.1.3 in the server in EMC RepliStor allows remote attackers to cause a denial of service via a crafted packet to TCP port 7144.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/507322/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/36738 | vdb-entryx_refsource_BID |
| http://retrogod.altervista.org/9sg_emc_repli_crash.html | x_refsource_MISC |
Date Public
2009-10-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:38:30.339Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20091020 EMC RepliStor Server (rep_serv.exe) 6.3.1.3 remote denial of service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/507322/100/0/threaded"
},
{
"name": "36738",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36738"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://retrogod.altervista.org/9sg_emc_repli_crash.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-10-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "rep_serv.exe 6.3.1.3 in the server in EMC RepliStor allows remote attackers to cause a denial of service via a crafted packet to TCP port 7144."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20091020 EMC RepliStor Server (rep_serv.exe) 6.3.1.3 remote denial of service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/507322/100/0/threaded"
},
{
"name": "36738",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36738"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://retrogod.altervista.org/9sg_emc_repli_crash.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3744",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "rep_serv.exe 6.3.1.3 in the server in EMC RepliStor allows remote attackers to cause a denial of service via a crafted packet to TCP port 7144."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20091020 EMC RepliStor Server (rep_serv.exe) 6.3.1.3 remote denial of service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/507322/100/0/threaded"
},
{
"name": "36738",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36738"
},
{
"name": "http://retrogod.altervista.org/9sg_emc_repli_crash.html",
"refsource": "MISC",
"url": "http://retrogod.altervista.org/9sg_emc_repli_crash.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-3744",
"datePublished": "2009-10-22T15:26:00.000Z",
"dateReserved": "2009-10-22T00:00:00.000Z",
"dateUpdated": "2024-08-07T06:38:30.339Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1119 (GCVE-0-2009-1119)
Vulnerability from cvelistv5 – Published: 2009-04-15 19:00 – Updated: 2024-08-07 05:04
VLAI
Summary
Multiple heap-based buffer overflows in EMC RepliStor 6.2 before SP5 and 6.3 before SP2 allow remote attackers to execute arbitrary code via a crafted message to (1) ctrlservice.exe or (2) rep_srv.exe, possibly related to an integer overflow.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.fortiguardcenter.com/advisory/FGA-2009… | x_refsource_MISC |
| http://www.securityfocus.com/bid/34449 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2009/1018 | vdb-entryx_refsource_VUPEN |
| http://www.securitytracker.com/id?1022026 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/archive/1/502575/100… | mailing-listx_refsource_BUGTRAQ |
| http://secunia.com/advisories/34699 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2009-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:47.923Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.fortiguardcenter.com/advisory/FGA-2009-13.html"
},
{
"name": "34449",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34449"
},
{
"name": "ADV-2009-1018",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1018"
},
{
"name": "1022026",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022026"
},
{
"name": "20090409 FGA-2009-003:EMC RepliStor Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/502575/100/0/threaded"
},
{
"name": "34699",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34699"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple heap-based buffer overflows in EMC RepliStor 6.2 before SP5 and 6.3 before SP2 allow remote attackers to execute arbitrary code via a crafted message to (1) ctrlservice.exe or (2) rep_srv.exe, possibly related to an integer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.fortiguardcenter.com/advisory/FGA-2009-13.html"
},
{
"name": "34449",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34449"
},
{
"name": "ADV-2009-1018",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1018"
},
{
"name": "1022026",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022026"
},
{
"name": "20090409 FGA-2009-003:EMC RepliStor Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/502575/100/0/threaded"
},
{
"name": "34699",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34699"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2009-1119",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple heap-based buffer overflows in EMC RepliStor 6.2 before SP5 and 6.3 before SP2 allow remote attackers to execute arbitrary code via a crafted message to (1) ctrlservice.exe or (2) rep_srv.exe, possibly related to an integer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.fortiguardcenter.com/advisory/FGA-2009-13.html",
"refsource": "MISC",
"url": "http://www.fortiguardcenter.com/advisory/FGA-2009-13.html"
},
{
"name": "34449",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34449"
},
{
"name": "ADV-2009-1018",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1018"
},
{
"name": "1022026",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022026"
},
{
"name": "20090409 FGA-2009-003:EMC RepliStor Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/502575/100/0/threaded"
},
{
"name": "34699",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34699"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2009-1119",
"datePublished": "2009-04-15T19:00:00.000Z",
"dateReserved": "2009-03-25T00:00:00.000Z",
"dateUpdated": "2024-08-07T05:04:47.923Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6426 (GCVE-0-2007-6426)
Vulnerability from cvelistv5 – Published: 2008-02-21 00:00 – Updated: 2024-08-07 16:02
VLAI
Summary
Multiple heap-based buffer overflows in EMC RepliStor 6.2 SP2, and possibly earlier versions, allow remote attackers to execute arbitrary code via crafted compressed data.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id?1019457 | vdb-entryx_refsource_SECTRACK |
| http://www.vupen.com/english/advisories/2008/0625 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/27915 | vdb-entryx_refsource_BID |
| http://labs.idefense.com/intelligence/vulnerabili… | third-party-advisoryx_refsource_IDEFENSE |
| http://www.securityfocus.com/archive/1/488419/100… | mailing-listx_refsource_BUGTRAQ |
| http://secunia.com/advisories/29011 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2008-02-19 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:02:36.843Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1019457",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019457"
},
{
"name": "ADV-2008-0625",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0625"
},
{
"name": "27915",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27915"
},
{
"name": "20080219 EMC RepliStor Multiple Heap Overflow Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=664"
},
{
"name": "20080220 Re: iDefense Security Advisory 02.19.08: EMC RepliStor Multiple Heap Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/488419/100/0/threaded"
},
{
"name": "29011",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple heap-based buffer overflows in EMC RepliStor 6.2 SP2, and possibly earlier versions, allow remote attackers to execute arbitrary code via crafted compressed data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1019457",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019457"
},
{
"name": "ADV-2008-0625",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0625"
},
{
"name": "27915",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27915"
},
{
"name": "20080219 EMC RepliStor Multiple Heap Overflow Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=664"
},
{
"name": "20080220 Re: iDefense Security Advisory 02.19.08: EMC RepliStor Multiple Heap Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/488419/100/0/threaded"
},
{
"name": "29011",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29011"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6426",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple heap-based buffer overflows in EMC RepliStor 6.2 SP2, and possibly earlier versions, allow remote attackers to execute arbitrary code via crafted compressed data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1019457",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019457"
},
{
"name": "ADV-2008-0625",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0625"
},
{
"name": "27915",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27915"
},
{
"name": "20080219 EMC RepliStor Multiple Heap Overflow Vulnerabilities",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=664"
},
{
"name": "20080220 Re: iDefense Security Advisory 02.19.08: EMC RepliStor Multiple Heap Overflow Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/488419/100/0/threaded"
},
{
"name": "29011",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29011"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6426",
"datePublished": "2008-02-21T00:00:00.000Z",
"dateReserved": "2007-12-18T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:02:36.843Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5323 (GCVE-0-2007-5323)
Vulnerability from cvelistv5 – Published: 2007-10-11 00:00 – Updated: 2024-08-07 15:24
VLAI
Summary
The RepliStor Server Service in EMC Replistor 6.1.3 allows remote attackers to execute arbitrary code via a size value that causes RepliStor to create a smaller buffer than expected, which triggers a buffer overflow when that buffer is used in a recv function call.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://dvlabs.tippingpoint.com/advisory/TPTI-07-18 | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securitytracker.com/id?1018799 | vdb-entryx_refsource_SECTRACK |
| http://www.vupen.com/english/advisories/2007/3458 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/26014 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/27166 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2007-10-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:24:42.440Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-18"
},
{
"name": "emc-replistor-recv-bo(37075)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37075"
},
{
"name": "1018799",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018799"
},
{
"name": "ADV-2007-3458",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3458"
},
{
"name": "26014",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26014"
},
{
"name": "27166",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27166"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The RepliStor Server Service in EMC Replistor 6.1.3 allows remote attackers to execute arbitrary code via a size value that causes RepliStor to create a smaller buffer than expected, which triggers a buffer overflow when that buffer is used in a recv function call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-18"
},
{
"name": "emc-replistor-recv-bo(37075)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37075"
},
{
"name": "1018799",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018799"
},
{
"name": "ADV-2007-3458",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3458"
},
{
"name": "26014",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26014"
},
{
"name": "27166",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27166"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5323",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The RepliStor Server Service in EMC Replistor 6.1.3 allows remote attackers to execute arbitrary code via a size value that causes RepliStor to create a smaller buffer than expected, which triggers a buffer overflow when that buffer is used in a recv function call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-18",
"refsource": "MISC",
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-18"
},
{
"name": "emc-replistor-recv-bo(37075)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37075"
},
{
"name": "1018799",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018799"
},
{
"name": "ADV-2007-3458",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3458"
},
{
"name": "26014",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26014"
},
{
"name": "27166",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27166"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5323",
"datePublished": "2007-10-11T00:00:00.000Z",
"dateReserved": "2007-10-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:24:42.440Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1120 (GCVE-0-2009-1120)
Vulnerability from nvd – Published: 2020-01-15 17:19 – Updated: 2024-08-07 05:04
VLAI
Summary
EMC RepliStor Server Service before ESA-09-003 has a DoASOCommand Remote Code Execution Vulnerability. The flaw exists within the DoRcvRpcCall RPC function -exposed via the rep_srv.exe process- where the vulnerability is caused by an error when the rep_srv.exe handles a specially crafted packet sent by an unauthenticated attacker.
Severity
No CVSS data available.
CWE
- Other
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.zerodayinitiative.com/advisories/ZDI-09-068/ | x_refsource_MISC |
| https://fortiguard.com/encyclopedia/ips/17967/emc… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:48.237Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-068/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://fortiguard.com/encyclopedia/ips/17967/emc-replistor-server-service-doasocommand-code-execution"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "RepliStor",
"vendor": "EMC",
"versions": [
{
"status": "affected",
"version": "before ESA-09-003"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "EMC RepliStor Server Service before ESA-09-003 has a DoASOCommand Remote Code Execution Vulnerability. The flaw exists within the DoRcvRpcCall RPC function -exposed via the rep_srv.exe process- where the vulnerability is caused by an error when the rep_srv.exe handles a specially crafted packet sent by an unauthenticated attacker."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Other",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-15T17:19:19.000Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-068/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://fortiguard.com/encyclopedia/ips/17967/emc-replistor-server-service-doasocommand-code-execution"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@dell.com",
"ID": "CVE-2009-1120",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "RepliStor",
"version": {
"version_data": [
{
"version_value": "before ESA-09-003"
}
]
}
}
]
},
"vendor_name": "EMC"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "EMC RepliStor Server Service before ESA-09-003 has a DoASOCommand Remote Code Execution Vulnerability. The flaw exists within the DoRcvRpcCall RPC function -exposed via the rep_srv.exe process- where the vulnerability is caused by an error when the rep_srv.exe handles a specially crafted packet sent by an unauthenticated attacker."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-09-068/",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-09-068/"
},
{
"name": "https://fortiguard.com/encyclopedia/ips/17967/emc-replistor-server-service-doasocommand-code-execution",
"refsource": "MISC",
"url": "https://fortiguard.com/encyclopedia/ips/17967/emc-replistor-server-service-doasocommand-code-execution"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2009-1120",
"datePublished": "2020-01-15T17:19:19.000Z",
"dateReserved": "2009-03-25T00:00:00.000Z",
"dateUpdated": "2024-08-07T05:04:48.237Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-3744 (GCVE-0-2009-3744)
Vulnerability from nvd – Published: 2009-10-22 15:26 – Updated: 2024-08-07 06:38
VLAI
Summary
rep_serv.exe 6.3.1.3 in the server in EMC RepliStor allows remote attackers to cause a denial of service via a crafted packet to TCP port 7144.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/archive/1/507322/100… | mailing-listx_refsource_BUGTRAQ |
| http://www.securityfocus.com/bid/36738 | vdb-entryx_refsource_BID |
| http://retrogod.altervista.org/9sg_emc_repli_crash.html | x_refsource_MISC |
Date Public
2009-10-20 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:38:30.339Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20091020 EMC RepliStor Server (rep_serv.exe) 6.3.1.3 remote denial of service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/507322/100/0/threaded"
},
{
"name": "36738",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36738"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://retrogod.altervista.org/9sg_emc_repli_crash.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-10-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "rep_serv.exe 6.3.1.3 in the server in EMC RepliStor allows remote attackers to cause a denial of service via a crafted packet to TCP port 7144."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20091020 EMC RepliStor Server (rep_serv.exe) 6.3.1.3 remote denial of service",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/507322/100/0/threaded"
},
{
"name": "36738",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36738"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://retrogod.altervista.org/9sg_emc_repli_crash.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3744",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "rep_serv.exe 6.3.1.3 in the server in EMC RepliStor allows remote attackers to cause a denial of service via a crafted packet to TCP port 7144."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20091020 EMC RepliStor Server (rep_serv.exe) 6.3.1.3 remote denial of service",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/507322/100/0/threaded"
},
{
"name": "36738",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36738"
},
{
"name": "http://retrogod.altervista.org/9sg_emc_repli_crash.html",
"refsource": "MISC",
"url": "http://retrogod.altervista.org/9sg_emc_repli_crash.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-3744",
"datePublished": "2009-10-22T15:26:00.000Z",
"dateReserved": "2009-10-22T00:00:00.000Z",
"dateUpdated": "2024-08-07T06:38:30.339Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-1119 (GCVE-0-2009-1119)
Vulnerability from nvd – Published: 2009-04-15 19:00 – Updated: 2024-08-07 05:04
VLAI
Summary
Multiple heap-based buffer overflows in EMC RepliStor 6.2 before SP5 and 6.3 before SP2 allow remote attackers to execute arbitrary code via a crafted message to (1) ctrlservice.exe or (2) rep_srv.exe, possibly related to an integer overflow.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.fortiguardcenter.com/advisory/FGA-2009… | x_refsource_MISC |
| http://www.securityfocus.com/bid/34449 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2009/1018 | vdb-entryx_refsource_VUPEN |
| http://www.securitytracker.com/id?1022026 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/archive/1/502575/100… | mailing-listx_refsource_BUGTRAQ |
| http://secunia.com/advisories/34699 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2009-04-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:47.923Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.fortiguardcenter.com/advisory/FGA-2009-13.html"
},
{
"name": "34449",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34449"
},
{
"name": "ADV-2009-1018",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1018"
},
{
"name": "1022026",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022026"
},
{
"name": "20090409 FGA-2009-003:EMC RepliStor Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/502575/100/0/threaded"
},
{
"name": "34699",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34699"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-04-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple heap-based buffer overflows in EMC RepliStor 6.2 before SP5 and 6.3 before SP2 allow remote attackers to execute arbitrary code via a crafted message to (1) ctrlservice.exe or (2) rep_srv.exe, possibly related to an integer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.fortiguardcenter.com/advisory/FGA-2009-13.html"
},
{
"name": "34449",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34449"
},
{
"name": "ADV-2009-1018",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1018"
},
{
"name": "1022026",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022026"
},
{
"name": "20090409 FGA-2009-003:EMC RepliStor Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/502575/100/0/threaded"
},
{
"name": "34699",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34699"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2009-1119",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple heap-based buffer overflows in EMC RepliStor 6.2 before SP5 and 6.3 before SP2 allow remote attackers to execute arbitrary code via a crafted message to (1) ctrlservice.exe or (2) rep_srv.exe, possibly related to an integer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.fortiguardcenter.com/advisory/FGA-2009-13.html",
"refsource": "MISC",
"url": "http://www.fortiguardcenter.com/advisory/FGA-2009-13.html"
},
{
"name": "34449",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34449"
},
{
"name": "ADV-2009-1018",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1018"
},
{
"name": "1022026",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022026"
},
{
"name": "20090409 FGA-2009-003:EMC RepliStor Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/502575/100/0/threaded"
},
{
"name": "34699",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34699"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2009-1119",
"datePublished": "2009-04-15T19:00:00.000Z",
"dateReserved": "2009-03-25T00:00:00.000Z",
"dateUpdated": "2024-08-07T05:04:47.923Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-6426 (GCVE-0-2007-6426)
Vulnerability from nvd – Published: 2008-02-21 00:00 – Updated: 2024-08-07 16:02
VLAI
Summary
Multiple heap-based buffer overflows in EMC RepliStor 6.2 SP2, and possibly earlier versions, allow remote attackers to execute arbitrary code via crafted compressed data.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://www.securitytracker.com/id?1019457 | vdb-entryx_refsource_SECTRACK |
| http://www.vupen.com/english/advisories/2008/0625 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/27915 | vdb-entryx_refsource_BID |
| http://labs.idefense.com/intelligence/vulnerabili… | third-party-advisoryx_refsource_IDEFENSE |
| http://www.securityfocus.com/archive/1/488419/100… | mailing-listx_refsource_BUGTRAQ |
| http://secunia.com/advisories/29011 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2008-02-19 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:02:36.843Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1019457",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019457"
},
{
"name": "ADV-2008-0625",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0625"
},
{
"name": "27915",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27915"
},
{
"name": "20080219 EMC RepliStor Multiple Heap Overflow Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=664"
},
{
"name": "20080220 Re: iDefense Security Advisory 02.19.08: EMC RepliStor Multiple Heap Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/488419/100/0/threaded"
},
{
"name": "29011",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/29011"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple heap-based buffer overflows in EMC RepliStor 6.2 SP2, and possibly earlier versions, allow remote attackers to execute arbitrary code via crafted compressed data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1019457",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019457"
},
{
"name": "ADV-2008-0625",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0625"
},
{
"name": "27915",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27915"
},
{
"name": "20080219 EMC RepliStor Multiple Heap Overflow Vulnerabilities",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=664"
},
{
"name": "20080220 Re: iDefense Security Advisory 02.19.08: EMC RepliStor Multiple Heap Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/488419/100/0/threaded"
},
{
"name": "29011",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/29011"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-6426",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple heap-based buffer overflows in EMC RepliStor 6.2 SP2, and possibly earlier versions, allow remote attackers to execute arbitrary code via crafted compressed data."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1019457",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019457"
},
{
"name": "ADV-2008-0625",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0625"
},
{
"name": "27915",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27915"
},
{
"name": "20080219 EMC RepliStor Multiple Heap Overflow Vulnerabilities",
"refsource": "IDEFENSE",
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=664"
},
{
"name": "20080220 Re: iDefense Security Advisory 02.19.08: EMC RepliStor Multiple Heap Overflow Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/488419/100/0/threaded"
},
{
"name": "29011",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/29011"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-6426",
"datePublished": "2008-02-21T00:00:00.000Z",
"dateReserved": "2007-12-18T00:00:00.000Z",
"dateUpdated": "2024-08-07T16:02:36.843Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5323 (GCVE-0-2007-5323)
Vulnerability from nvd – Published: 2007-10-11 00:00 – Updated: 2024-08-07 15:24
VLAI
Summary
The RepliStor Server Service in EMC Replistor 6.1.3 allows remote attackers to execute arbitrary code via a size value that causes RepliStor to create a smaller buffer than expected, which triggers a buffer overflow when that buffer is used in a recv function call.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://dvlabs.tippingpoint.com/advisory/TPTI-07-18 | x_refsource_MISC |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securitytracker.com/id?1018799 | vdb-entryx_refsource_SECTRACK |
| http://www.vupen.com/english/advisories/2007/3458 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/26014 | vdb-entryx_refsource_BID |
| http://secunia.com/advisories/27166 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2007-10-10 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:24:42.440Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-18"
},
{
"name": "emc-replistor-recv-bo(37075)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37075"
},
{
"name": "1018799",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018799"
},
{
"name": "ADV-2007-3458",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3458"
},
{
"name": "26014",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26014"
},
{
"name": "27166",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27166"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-10T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The RepliStor Server Service in EMC Replistor 6.1.3 allows remote attackers to execute arbitrary code via a size value that causes RepliStor to create a smaller buffer than expected, which triggers a buffer overflow when that buffer is used in a recv function call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-18"
},
{
"name": "emc-replistor-recv-bo(37075)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37075"
},
{
"name": "1018799",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018799"
},
{
"name": "ADV-2007-3458",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3458"
},
{
"name": "26014",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26014"
},
{
"name": "27166",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27166"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5323",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The RepliStor Server Service in EMC Replistor 6.1.3 allows remote attackers to execute arbitrary code via a size value that causes RepliStor to create a smaller buffer than expected, which triggers a buffer overflow when that buffer is used in a recv function call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-18",
"refsource": "MISC",
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-18"
},
{
"name": "emc-replistor-recv-bo(37075)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37075"
},
{
"name": "1018799",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018799"
},
{
"name": "ADV-2007-3458",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3458"
},
{
"name": "26014",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26014"
},
{
"name": "27166",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27166"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5323",
"datePublished": "2007-10-11T00:00:00.000Z",
"dateReserved": "2007-10-10T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:24:42.440Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}