Lucene search
Titon of BastardLabsZDI-08-034HistoryJun 04, 2008 - 12:00 a.m.
Hewlett-Packard StorageWorks Storage Mirroring Authentication Processing Stack Overflow Vulnerability
2008-06-0400:00:00
Titon of BastardLabs
www.zerodayinitiative.com
12
EPSS
0.929
Percentile
99.1%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard StorageWorks Storage Mirroring. Authentication is not required to exploit this vulnerability. The specific flaw exists in the DoubleTake.exe process bound by default on TCP ports 1100, 1106 and UDP port 1105. During the handling of an encoded authentication request, the process copies the user-supplied login information into a fixed length stack buffer. Sending at least 256 bytes will trigger a stack based buffer overflow due to a vulnerable processing loop. Exploitation of this issue can result in arbitrary code execution.
Related
saint
saint
seebug
seebug
HP StorageWorksεε¨ιεθ½―δ»ΆθΏη¨ζ ζΊ’εΊζΌζ΄
2008-06-18 00:00:00
securityvulns
securityvulns
prion
prion
Stack overflow
2008-06-04 19:32:00
metasploit
metasploit
DoubleTake/HP StorageWorks Storage Mirroring Service Authentication Overflow
2008-06-06 04:39:44
cve
cve
CVE-2008-1661
2008-06-04 19:32:00
cvelist
cvelist
CVE-2008-1661
2008-06-04 19:17:00
exploitdb
exploitdb
packetstorm
packetstorm
DoubleTake/HP StorageWorks Storage Mirroring Service Authentication Overflow
2009-11-26 00:00:00
hpstorage-meta.txt
2008-06-05 00:00:00
checkpoint_advisories
checkpoint_advisories
nvd
nvd
CVE-2008-1661
2008-06-04 19:32:00