MitreCVE-2007-1593CVE-2007-1593
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
84.5%
The administrative service in Symantec Veritas Volume Replicator (VVR) for Windows 3.1 through 4.3, and VVR for Unix 3.5 through 5.0, in Symantec Storage Foundation products allows remote attackers to cause a denial of service (memory consumption and service crash) via a crafted packet to the service port (8199/tcp) that triggers a request for more memory than available, which causes the service to write to an invalid pointer.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| symantec | veritas_volume_replicator | 3.1 | cpe:2.3:a:symantec:veritas_volume_replicator:3.1:*:windows:*:*:*:*:* |
| symantec | veritas_volume_replicator | 3.5 | cpe:2.3:a:symantec:veritas_volume_replicator:3.5:*:unix:*:*:*:*:* |
| symantec | veritas_volume_replicator | 4.0 | cpe:2.3:a:symantec:veritas_volume_replicator:4.0:*:unix:*:*:*:*:* |
| symantec | veritas_volume_replicator | 4.1 | cpe:2.3:a:symantec:veritas_volume_replicator:4.1:*:unix:*:*:*:*:* |
| symantec | veritas_volume_replicator | 4.1 | cpe:2.3:a:symantec:veritas_volume_replicator:4.1:*:windows:*:*:*:*:* |
| symantec | veritas_volume_replicator | 4.1 | cpe:2.3:a:symantec:veritas_volume_replicator:4.1:rp1:windows:*:*:*:*:* |
| symantec | veritas_volume_replicator | 4.2 | cpe:2.3:a:symantec:veritas_volume_replicator:4.2:*:windows:*:*:*:*:* |
| symantec | veritas_volume_replicator | 4.2 | cpe:2.3:a:symantec:veritas_volume_replicator:4.2:rp1:windows:*:*:*:*:* |
| symantec | veritas_volume_replicator | 4.2 | cpe:2.3:a:symantec:veritas_volume_replicator:4.2:rp2:windows:*:*:*:*:* |
| symantec | veritas_volume_replicator | 4.3 | cpe:2.3:a:symantec:veritas_volume_replicator:4.3:*:windows:*:*:*:*:* |
References
cirt.dk/advisories/cirt-53-advisory.txt
labs.idefense.com/intelligence/vulnerabilities/display.php?id=539
osvdb.org/36102
secunia.com/advisories/25516
www.securityfocus.com/bid/24160
www.securitytracker.com/id?1018184
www.symantec.com/avcenter/security/Content/2007.06.01a.html
www.vupen.com/english/advisories/2007/2036
exchange.xforce.ibmcloud.com/vulnerabilities/34676
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
84.5%