
CVSS: 10.0 | EPSS: 93% | CPEs: 1 | EXPL: 0

ftagent.exe in EMC AutoStart 5.4.x and 5.5.x before 5.5.0.508 HF4 allows remote attackers to execute arbitrary commands via crafted packets.

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC AutoStart. Authentication is required to exploit this vulnerability, but can be easily bypassed. The specific flaw exists within ftAgent.exe, which listens on TCP port 8045, when handling numerous opcodes. The vulnerability is caused by lack of input validation before using a remotely supplied string to construct SQL queries. By sending a crafted request to a vulnerable system, a remote attacker can exploit this vulnerability to execute arbitrary code in the context of SYSTEM.

• http://packetstormsecurity.com/files/131749/EMC-AutoStart-5.4.3-5.5.0-Packet-Injection.html
• http://seclists.org/bugtraq/2015/May/25
• http://www.kb.cert.org/vuls/id/581276
• http://www.securitytracker.com/id/1032237
• CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')

CVSS: 10.0 | EPSS: 91% | CPEs: 7 | EXPL: 0

Multiple buffer overflows in EMC AutoStart 5.3.x and 5.4.x before 5.4.3 allow remote attackers to cause a denial of service (agent crash) or possibly execute arbitrary code via crafted packets.

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the EMC AutoStart ftAgent, which is deployed on machines managed by EMC AutoStart by default. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing routines for op-codes used by EMC AutoStart ftAgent's proprietary network protocol. This ftAgent.exe service listens on TCP port 8045, and performs arithmetic for memory size calculation using values read from the network without validation.

• http://www.securityfocus.com/archive/1/522835
• http://www.securityfocus.com/bid/53682
• http://www.securitytracker.com/id?1027100
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer