CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
99.1%
Added: 06/16/2008
CVE: CVE-2008-1661
OSVDB: 45924
HP StorageWorks is a virtualized storage solution for mid-sized customers.
A buffer overflow vulnerability in the **DoubleTake.exe**
process allows remote attackers to execute arbitrary commands by sending a long, specially crafted encoded authentication request.
Download HP StorageWorks Storage Mirroring 4.5 SP2 or 5.0 or higher.
<http://archives.neohapsis.com/archives/bugtraq/2008-06/0015.html>
<http://www.zerodayinitiative.com/advisories/ZDI-08-034/>
Exploit works on HP StorageWorks Storage Mirroring 4.5.0.1653.
Windows