Lucene search

[email protected]CVE-2011-0547

HistoryAug 19, 2011 - 9:55 p.m.

CVE-2011-0547

2011-08-1921:55:01

CWE-189

[email protected]

web.nvd.nist.gov

cve-2011-0547

veritas

symantec

storage foundation

integer overflow

buffer overflow

remote code execution

netbackup puredisk

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.5 High

AI Score

Confidence

Low

0.944 High

EPSS

Percentile

99.2%

JSON

Multiple integer overflows in vxsvc.exe in the Veritas Enterprise Administrator service in Symantec Veritas Storage Foundation 5.1 and earlier, Veritas Storage Foundation Cluster File System (SFCFS) 5.1 and earlier, Veritas Storage Foundation Cluster File System Enterprise for Oracle RAC (SFCFSORAC) 5.1 and earlier, Veritas Dynamic Multi-Pathing (DMP) 5.1, and NetBackup PureDisk 6.5.x through 6.6.1.x allow remote attackers to execute arbitrary code via (1) a crafted Unicode string, related to the vxveautil.value_binary_unpack function; (2) a crafted ASCII string, related to the vxveautil.value_binary_unpack function; or (3) a crafted value, related to the vxveautil.kv_binary_unpack function, leading to a buffer overflow.

Affected configurations

NVD

Node

symantecveritas_dynamic_multi-pathingMatch5.1

symantecveritas_storage_foundationRange≤5.1

symantecveritas_storage_foundationMatch5.0

symantecveritas_storage_foundation_cluster_file_system_for_oracle_racRange≤5.1

symantecveritas_storage_foundation_cluster_file_system_for_oracle_racMatch5.0

Node

symantecnetbackup_purediskMatch6.5.0.1

symantecnetbackup_purediskMatch6.5.1

symantecnetbackup_purediskMatch6.5.1.1

symantecnetbackup_purediskMatch6.5.1.2

symantecnetbackup_purediskMatch6.6.1

symantecnetbackup_purediskMatch6.6.1.1

symantecnetbackup_purediskMatch6.6.1.2

CPENameOperatorVersion
symantec:veritas_dynamic_multi-pathingsymantec veritas dynamic multi-pathingeq5.1
symantec:veritas_storage_foundationsymantec veritas storage foundationle5.1
symantec:veritas_storage_foundationsymantec veritas storage foundationeq5.0
symantec:veritas_storage_foundation_cluster_file_system_for_oracle_racsymantec veritas storage foundation cluster file system for oracle racle5.1
symantec:veritas_storage_foundation_cluster_file_system_for_oracle_racsymantec veritas storage foundation cluster file system for oracle raceq5.0

CPE	Name	Operator	Version
symantec:veritas_dynamic_multi-pathing	symantec veritas dynamic multi-pathing	eq	5.1
symantec:veritas_storage_foundation	symantec veritas storage foundation	le	5.1
symantec:veritas_storage_foundation	symantec veritas storage foundation	eq	5.0
symantec:veritas_storage_foundation_cluster_file_system_for_oracle_rac	symantec veritas storage foundation cluster file system for oracle rac	le	5.1
symantec:veritas_storage_foundation_cluster_file_system_for_oracle_rac	symantec veritas storage foundation cluster file system for oracle rac	eq	5.0