Credit:
The information has been provided by iDefense Labs Security Advisories.
The original article can be found at: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=703
Vulnerable Systems:
* EMC AlphaStor version 3.1 SP1 for Windows
AlphaStor consists of multiple applications, one of which is the Library Manager. The Library Manager is used to manage the replacement of disk drives in distributed locations. The Manager consists of a single process, the "robotd" process, that listens on TCP port 3500 for incoming connections.
The Library Manager is prone to an arbitrary command execution vulnerability. When sent a specific request, "robotd" will use a string from the packet as a command to execute on the system via the CreateProcess() function. This allows an attacker to run arbitrary programs on the host with SYSTEM privileges.
Analysis:
Exploitation of this vulnerability results in the execution of arbitrary code with the privileges of the affected service, usually SYSTEM. The vulnerability occurs before any authentication, so it can be exploited by anonymous attackers with the ability to create a TCP connection to port 3500 on the server.
Since the vulnerability allows an attacker to run arbitrary programs with arbitrary arguments, little skill is required for exploitation.
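A defender's exposure check for the condition described above, added here as an example and not part of the iDefense advisory: it parses Windows `netstat -ano` output for non-loopback listeners on TCP port 3500 and for established peers outside a management range. The sample output, the `10.20.0.0/24` allowed range and the function names are constructed assumptions.

```python
import ipaddress

ROBOTD_PORT = 3500  # from the advisory: robotd listens on TCP port 3500

# Constructed sample of Windows `netstat -ano` output (not from a real host).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    0.0.0.0:3500           0.0.0.0:0              LISTENING       2312
  TCP    10.20.0.5:3500         10.20.0.40:49812       ESTABLISHED     2312
  TCP    10.20.0.5:3500         192.0.2.77:51544       ESTABLISHED     2312
  TCP    10.20.0.5:49950        10.20.0.9:3500         ESTABLISHED     4120
  TCP    [::]:3500              [::]:0                 LISTENING       2312
"""

def split_endpoint(endpoint):
    """Split 'addr:port' or '[v6addr%zone]:port' into (ip_address, port)."""
    host, _, port = endpoint.rpartition(":")
    return ipaddress.ip_address(host.strip("[]").split("%")[0]), int(port)

def audit(netstat_text, allowed_nets):
    """Return (exposed_listeners, unexpected_peers) for the robotd port."""
    allowed = [ipaddress.ip_network(n) for n in allowed_nets]
    listeners, peers = [], []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) != 5 or fields[0] != "TCP":
            continue  # header, UDP rows, blank lines
        local_ip, local_port = split_endpoint(fields[1])
        if local_port != ROBOTD_PORT:
            continue  # also skips outbound connections to another host's 3500
        state, pid = fields[3], int(fields[4])
        if state == "LISTENING" and not local_ip.is_loopback:
            listeners.append((str(local_ip), pid))  # reachable from the network
        elif state == "ESTABLISHED":
            remote_ip, _ = split_endpoint(fields[2])
            if not any(remote_ip in net for net in allowed):
                peers.append((str(remote_ip), pid))  # peer outside allowed range
    return listeners, peers

if __name__ == "__main__":
    exposed, unexpected = audit(SAMPLE_NETSTAT, ["10.20.0.0/24"])
    print("non-loopback listeners on 3500:", exposed)
    print("peers outside allowed range:", unexpected)
```

Because the flaw is reachable before authentication, any peer reported outside the allowed range is worth correlating with process-creation logs for the listed PID.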
Vendor response:
"EMC has issued updates to correct this issue. More details can be found in knowledgebase article emc186391 available from powerlink.emc.com. EMC customers can further contact EMC Software Technical Support at 1-877-534-2867."
CVE Information:
CVE-2008-2157
Disclosure timeline:
04/16/2008 - Initial vendor response
04/16/2008 - Initial vendor notification
05/27/2008 - Coordinated public disclosure