ID

33285

Nom

EMC AlphaStor Library Manager Remote Code Execution

Auteurs

This script is Copyright (C) 2008-2009 Tenable Network Security, Inc.

Catégorie

Gain root remotely

Action

infos

Résumé

Checks AlpahStor Library Manager robotd command execution

Description

Synopsis : It is possible to execute code on the remote tape backup manager. Description : The installed instance of AlphaStor Library Manager is vulnerable to a command execution flaw when it receives a packet with a 0x44 code. Packet string argument is used unsanitized as a call to the 'system' function. An unauthenticated remote attacker may be able to exploit this flaw to execute code on the remote host with SYSTEM/root privileges. See also : http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=703 Solution : Fix is available in knowledgebase article emc186391. Risk factor : Critical / CVSS Base Score : 10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

VERITAS Backup Exec Agent Browser Remote Buffer Overflow Vulnerability (DoS)
ICEcap default password
IMAP Server Remote Buffer Overflow
BSD in.lpd File Name Handling Remote Overflow
CA Message Queuing Multiple Remote Vulnerabilities (OF, DoS, Cmd Exec)
IBM Tivoli Storage Manager Client Vulnerabilities (swg21268775)
ePolicy Orchestrator Multiple Remote Vulnerabilities (OF, FS)
BrightStor ARCserve Backup Multiple Vulnerabilities (QO92996)
ClamAV clamav-milter black-hole-mode Sendmail Recipient Field Arbitrary Command Execution
Tinyproxy heap overflow
qpopper buffer overflow
IBM Tivoli Storage Manager Express Backup Server service (dsmsvc.exe) Packet Handling Remote Overflow
MailEnable IMAP Service Unspecified Buffer Overflow (ME-10018)
Multiple OpenVMS WASD HTTP Server Vulnerabilities
pam_smb / pam_ntdom overflow
Solaris in.lpd Transfer Job Routine Remote Buffer Overflow
INN verifycancels Function Arbitrary Code Execution
Mercury LoadRunner Agent server_ip_name Field Remote Buffer Overflow
LCDproc buffer overflow
SIDVault < 2.0f LDAP Server Malformed Search Request Buffer Overflow
Lotus Domino < 6.5.6 FP2 Multiple Vulnerabilities
IRCd OperServ Raw Join DoS
Rover pop3 overflow
Multiple IRC daemons format string attack
Visnetic AntiVirus Plug-in for MailServer Local Privilege Escalation
OpenSSH < 2.1.1 UseLogin feature
Flash Media Server < 2.0.5 Multiple Remote Vulnerabilities
Microsoft IIS .HTR Filter Multiple Overflows
rlogin -froot Remote Root Access
Sun Java System ASP Server Arbitrary Command Execution
Samba Buffer Overflow
rpc.nisd overflow
CA BrightStor ARCserve Backup Universal Agent Remote Overflow
Kerberos Telnet Authentication Bypass
OpenSSH Channel Code Off by 1
Avirt Gateway Suite Telnet Proxy Arbitrary Command Execution
eDirectory < 8.8 SP3 FTF3 iMonitor Buffer Overflow
BrightStor ARCserve Backup Multiple Vulnerabilities
Samba Remote Arbitrary File Creation
AIX lpd Multiple Functions Overflow
SCO i2odialogd Authentication Handling Remote Overflow
SuSE Open Enterprise Server Novell Remote Manager HTTP Request Header Heap Overflow Vulnerability
Format string on HTTP header value
Solaris lpd remote command execution
Ipswitch Collaboration Suite / IMail SMTPD Multiple Commands Format String
dwhttpd format string
Darwin Streaming Server < 5.5.5 Multiple Remote Overflow Vulnerabilities
Brightmail AntiSpam bmagent Multiple Remote Vulnerabilities (DoS, Traversal)
DeleGate DNS Response Denial of Service Vulnerability
Dropbear remote DSS SSH vuln
OpenSSH AFS/Kerberos ticket/token passing
CA BrightStor ARCserve Backup Agent for Windows Long String Overflow
HP Linux Imaging and Printing Project (hplip) hpssd from Address Command Injection
MiniShare webserver buffer overflow
CA BrightStor ARCserve Backup DBASVR for Windows Multiple Remote Buffer Overflows
Novell GroupWise Messenger Accept Language Remote Buffer Overflow Vulnerability
Webserver4everyone too long URL
Netware Perl CGI overflow
imap authenticate buffer overflow
Ipswitch IMail Server < 2006.2 Multiple Buffer Overflow Vulnerabilities
MailEnable POP3 Server APOP Command Remote Buffer Overflow
Microsoft IIS ISM.DLL HTR Request Remote Overflow
HP OpenView Storage Data Protector Backup Agent Remote Arbitrary Command Execution Vulnerability
Cfengine CAUTH Command Remote Format String
GlobalSCAPE Secure FTP Server User Input Overflow
IgnitionServer Denial of Service
BrightStor ARCserve Backup Multiple Vulnerabilities (QO87569)
Golden FTP Server APPE Command Remote Overflow
RaidenHTTPD Multiple Remote Vulnerabilities
poppassd USER overflow
lpd Server dvips Functionality Arbitrary Remote Command Execution
SSH setsid() Vulnerability
XM Easy FTP Server USER Command Buffer Overflow
X Font Service Buffer Overflow
Novell ZENworks Asset Management Collection Client Heap Overflow Vulnerability
CA BrightStor ARCserve Backup Discovery Service Overflow
Xitami Web Server Buffer Overflow
Sun Java Web Console LibWebconsole_Services.SO Format String Vulnerability
Asterisk Skinny Channel Driver (chan_skinny) get_input Function Remote Overflow
yppasswdd Overflow
BrightStor ARCserve Backup for Laptops & Desktops Server Multiple Vulnerabilities
rsync heap overflow
activePDF Server < 3.8.6 Packet Handling Remote Overflow
WinProxy < 6.1a HTTP Proxy Multiple Vulnerabilities
VERITAS Backup Exec Agent Registry Access Vulnerability
XMail APOP and USER Remote Buffer Overflows
freeSSHd Key Exchange Buffer Overflow
Microsoft IIS ISAPI Filter Multiple Vulnerabilities (OF, DoS, Priv Esc)
OpenVMPS Logging Function Format String
HTTP Cookie Overflow
Rendezvous HTTP Admin Interface Buffer Overflow
Kerio MailServer < 6.5.0 Multiple Vulnerabilities
Hummingbird lpd Buffer Overflow Vulnerability
IBM Tivoli Storage Manager Multiple Buffer Overflow Vulnerabilities
BrightStor Hierarchical Storage Manager < r11.6 Multiple Remote Vulnerabilities (OF, SQLi)
MERCUR Messaging IMAP Server NTLM Authentication NTLMSSP Argument Remote Overflow
Kerberos klogind Remote Overflow
GO-Global for Windows _USERSA_ Remote Overflow
eIQnetworks Enterprise Security Analyzer Monitoring.exe Multiple Command Overflow
SOCKS4A hostname overflow
KpyM Windows Telnet Server Password Handling Remote Overflow
mibiisa overflow
Solaris 10 Telnet Authentication Bypass
Webmin miniserv.pl username Parameter Format String
Unreal Engine Flaws
PPTP overflow
SysV /bin/login Environment Remote Overflow (rlogin)
Format string on HTTP method name
Ipswitch IMail Server/Collaboration Suite IMAP FETCH Command Overflow
TrueType Font Server for X11 (xfstt) Malformed Packet Remote Overflow
CA BrightStor ARCserve Backup Tape Engine Multiple Remote Overflows
Lotus Notes Attachment Handling Vulnerabilities
SWAT overflow
BlackBerry Enterprise Server Attachment Handling Buffer Overflows
fakeidentd Overflow
Medal of Honor remote buffer overflow
Easy File Sharing Web Server Multiple Remote Vulnerabilities (FS, XSS, Upload)
l2tpd < 0.69 overflow
Retrospect Client Remote Buffer Overflow
SAP MaxDB Multiple Vulnerabilities
Samba trans2open buffer overflow
mountd overflow
vpopmail input validation bug
Generic format string
Samba Fragment Reassembly Overflow
Eudora WorldMail Mail Management Server Remote Heap Overflow
lsh overflow
Samba Directory ACL Integer Overflow
IBM Lotus Domino IMAP Server (nimap.exe) CRAM-MD5 Authentication Remote Overflow
NSM format strings vulnerability
Linux nfs-utils xlog() off-by-one overflow
l2tpd < 0.68 Multiple Vulnerabilities
DameWare Mini Remote Control Pre-Authentication Buffer Overflow Vulnerability
eIQnetworks Enterprise Security Analyzer License Manager < 2.5.9 Multiple Remote Overflows
OpenSSH <= 3.3
IBM Tivoli Provisioning Manager OS Deployment Multiple Unspecified Input Validation Vulnerabilities
SysV /bin/login Environment Remote Overflow (telnet)
Gene6 FTP Server Buffer Overflow Vulnerabilities
Trend Micro ServerProtect Multiple Stack Buffer Overflow Vulnerabilities
BusinessMail Multiple SMTP Command Remote Buffer Overflows
IgnitionServer Multiple Vulnerabilities
Versant Connection Services Daemon Arbitrary Command Execution
eIQnetworks Enterprise Security Analyzer Syslog Server Multiple Remote Overflow Vulnerabilities
SAP DB / MaxDB Cons Program Command Execution
GO-Global for Windows _USERSA_ Remote Overflow (registry check)
Novell eDirectory < 8.8.2 FTF2 / 8.7.3 SP10b Overflow Vulnerabilities
ArGoSoft FTP Server RNTO Command Remote Buffer Overflow
ngIRCd Remote Buffer Overflow Vulnerability
Delegate Overflow
MDBMS overflow
Samba Unicode Buffer Overflow
Solaris cachefsd fscache_setup Function Local Overflow
Ipswitch IMail Server SMTP Service Crafted RCPT String Remote Overflow
Web Server Long URL Handling DoS
Imail IMAP Server Remote Overflow
HTTP version number overflow
Novell eDirectory Server iMonitor Buffer Overflow Vulnerability
Informix Dynamic Server Multiple Vulnerabilities
VERITAS Backup Exec Agent Remote Buffer Overflow Vulnerability (DoS)
Mercur Mailserver/Messaging version <= 5.0 IMAP Overflow Vulnerability
SOCKS4 Long Username Overflow
MailEnable IMAP Service Multiple Buffer Overflow Vulnerabilities (ME-10025)
Tftpd32 Filename Handling Buffer Overflow
Symantec Veritas Backup Exec for Windows Server RPC Heap Buffer Overflow Vulnerability
VERITAS Backup Exec Agent Multiple Remote Vulnerabilities
RealNetworks Helix DNA Server RTSP Service Crafted Require Header Remote Overflow
Knox Arkeia Backup Client Type 77 Request Processing Buffer Remote Overflow
BakBone NetVault Remote Heap Overflow Vulnerabilities
SecurityGateway < 1.0.2 Administration Interface username Field Remote Overflow
RealNetworks Helix Servers DESCRIBE Request LoadTestPassword Field Remote Overflow
Trend Micro ServerProtect EarthAgent RPC Request Remote Buffer Overflow
Veritas Storage Foundation NULL NTLMSSP Authentication Bypass (SYM08-015)
BrightStor ARCserve Backup for Windows Multiple Remote Buffer Overflows
HTTP Authorization Overflow
EMC AlphaStor Device Manager robotd Remote Code Execution
Intel Common Base Agent CreateProcessA() Function Remote Command Execution
IBM Lotus Domino IMAP Service Mailbox Name Overflow
APC apcupsd Multiple Vulnerabilities (OF, DoS, FS)
ntpd overflow
Portable SSH OpenSSH < 3.7.1p2
MailEnable IMAP Service Multiple Buffer Overflow Vulnerabilities (ME-10021)
Symantec Storage Foundation VxSchedService.EXE Scheduler Service Authentication Bypass Vulnerability
Novell ZENworks Multiple Remote Pre-Authentication Buffer Overflow Vulnerabilities
WinProxy < 6.1a Multiple Vulnerabilities (registry check)
OpenLink web config buffer overflow
RealServer G2 buffer overrun
Trend Micro ServerProtect Multiple Buffer Overflow Vulnerabilities
CA iTechnology iGateway Service Content-Length Buffer Overflow
Digital Mappings Systems POP3 Server overflow
OpenSSH < 3.7.1
Novell NetMail IMAP Agent Long Verb Arguments Buffer Overflow
SSH1 CRC-32 compensation attack
FreeBSD 2.x lpd Remote Overflow
AXIGEN Mail Server < 2.0.0 Multiple Remote Vulnerabilities (DoS, Overflow)
AT-TFTP Server Filename Handling Remote Overflow
Various pop3 overflows
Gnu Cfserv remote buffer overflow
IAXClient Truncated Frames Buffer Overflow Vulnerabilities
OpenSSL overflow (generic test)
IBM Tivoli Provisioning Manager OS Deployment Multiple Stack Overflow Vulnerabilities
Trend Micro ServerProtect AgRpcCln.dll Buffer Overflow
HTTP header overflow
SmartServer pop3 overflow
Samba TNG multiple flaws
Compaq WBEM HTTP Server Remote Overflow
CA License Service Multiple Vulnerabilities
3CTftpSvc Long Transport Mode Remote Overflow
EMC AlphaStor Library Manager Remote Code Execution
DeleGate Multiple Overflows
Helix RealServer Buffer Overrun
FTGate4 IMAP EXAMINE Command Remote Overflow
Microsoft IIS ASP ISAPI Filter Multiple Overflows
snmpXdmid overflow
GFI MailSecurity HTTP Management Interface Request Header Overflow
TESO in.telnetd buffer overflow
rsync array overflow
PXE server overflow
Hexamail Server pop3 Service USER Command Remote Overflow
ngIRCd Format String Vulnerability
IBM Tivoli Provisioning Manager for OS Deployment < 5.1.0.3 Interim Fix 3 HTTP Server Logging Functionality Remote Overflow
Wild TCL Shell Detection
DHCP server overflow / format string bug
CA Message Queuing Multiple Remote DoS
Imail imonitor Service Remote Overflow
INN Control Message overflow
FreeBSD Telnet Daemon Code Execution (FreeBSD-SA-09:05)
eIQnetworks Enterprise Security Analyzer EnterpriseSecurityAnalyzer.exe LICMGR_ADDLICENSE Command Remote Overflow
Microsoft IIS WebDAV ntdll.dll Remote Overflow (MS03-007)
Ipswitch IMail Server < 2006.21 Multiple Vulnerabilities
Novell Groupwise WebAccess GWINTER.EXE Remote Buffer Overflow
sadmind command execution
BrightStor ARCserve Backup Tape Engine and Portmapper Multiple Vulnerabilities (QO86255)
Computer Associates Multiple Products Message Queuing Remote Stack Buffer Overflow Vulnerability
DameWare Mini Remote Control Pre-Authentication Username Buffer Overflow Vulnerability
Qualcomm WorldMail IMAPD Buffer Overflow Vulnerability
MailEnable POP3 Server Authentication Vulnerabilities
Unreal secure remote buffer overflow
IA eMailServer IMAP SEARCH Command Remote Overflow
XtraMail POP3 Overflow
remwatch
RealNetworks Helix Server < 11.1.8/12.0.1 Multiple Vulnerabilities
Jordan Windows Telnet Server Password Handling Remote Overflow
CA ARCserve Backup RPC Interface (asdbapi.dll) Traversal Arbitrary Command Execution
SSH Multiple Vulns
Golden FTP Server Pro Multiple Command Remote Overflow DoS
Lotus Domino < 7.0.2 FP2 Multiple Vulnerabilities
Lotus Domino < 8.0.1 / 7.0.3 FP1 Multiple Vulnerabilities
INN Multiple Vulnerabilities
dtspcd Remote Overflow
rsync sanitize_path() Function Arbitrary File Disclosure
OpenSSH UseLogin Environment Variables
CommuniGate Pro HTTP Configuration Port Remote Overflow
Samba Mangling Overflow
MailEnable POP Service PASS Command Buffer Overflow (ME-10026)
SimpleServer remote execution
Buffer overflow in Microsoft Telnet
BlackBerry Enterprise Server PNG Attachment Buffer Overflow
HP OpenView Network Node Manager Multiple Services Remote Overflow
Knox Arkeia Backup Service Buffer Overflow
iPlanet unauthorized sensitive data retrieval
BrightStor ARCserve Backup Multiple Remote Vulnerabilities (QO91094)