CVSS: 7.1EPSS: 2%CPEs: 2EXPL: 0CVE-2010-1919
https://notcve.org/view.php?id=CVE-2010-1919
Unspecified vulnerability in EMC Avamar 4.1.x and 5.0 before SP1 allows remote attackers to cause a denial of service (gsan service hang) by sending a crafted message using TCP. Vulnerabilidad sin especificar en EMC Avamar v4.1.x y v5.0 anterior a SP1 permite a atacantes remotos provocar una denegación de servicio (servicio gsan colgado) enviando un mensaje manipulado utilizando TCP. • http://archives.neohapsis.com/archives/bugtraq/2010-05/0254.html http://secunia.com/advisories/39919 http://securitytracker.com/id?1024036 http://www.packetstormsecurity.org/1005-advisories/ESA-2010-007.txt http://www.securityfocus.com/bid/40390 http://www.vupen.com/english/advisories/2010/1253 •
CVSS: 10.0EPSS: 95%CPEs: 29EXPL: 1CVE-2009-2754 – Multiple Vendor librpc.dll Signedness Error Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2009-2754
Integer signedness error in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3 and EMC Legato NetWorker, allows remote attackers to execute arbitrary code via a crafted parameter size that triggers a stack-based buffer overflow. Error de entero sin signo en la funcionalidad de autenticación en librpc.dll en Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), tal y como se utiliza en IBM Informix Dynamic Server (IDS) v10.x anteriores a la v10.00.TC9 y v11.x anteriores a v11.10.TC3 y EMC Legato NetWorker, permite a atacantes remotos ejecutar código arbitrario a través de un parámetro manipulado en tamaño que inicia un desbordamiento de búfer basado en la pila. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of both IBM Informix Dynamic Server and EMC Legato Networker. User interaction is not required to exploit this vulnerability. The specific flaw exists within the RPC protocol parsing library, librpc.dll, utilized by the ISM Portmapper service (portmap.exe) bound by default to TCP port 36890. During authentication, a lack of a proper signedness check on a supplied parameter size can result in exploitable stack based buffer overflow leading to arbitrary code execution under the context of the SYSTEM user. • https://www.exploit-db.com/exploits/12109 http://knowledgebase.emc.com/emcice/login.do?sType=ax1990&sName=1204&id=emc183834 http://secunia.com/advisories/38731 http://www.ibm.com/support/docview.wss?uid=swg1IC55329 http://www.ibm.com/support/docview.wss?uid=swg1IC55330 http://www.securityfocus.com/archive/1/509793/100/0/threaded http://www.securityfocus.com/bid/38472 http://www.vupen.com/english/advisories/2010/0508 http://www.vupen.com/english/advisories/2010/0509 http:/ • CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 14%CPEs: 2EXPL: 2CVE-2010-0620 – EMC HomeBase SSL Service Arbitrary File Upload Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0620
Directory traversal vulnerability in the SSL Service in EMC HomeBase Server 6.2.x before 6.2.3 and 6.3.x before 6.3.2 allows remote attackers to overwrite arbitrary files with any content, and consequently execute arbitrary code, via a .. (dot dot) in an unspecified parameter. Una vulnerabilidad de salto del directorio en Servicio SSL en HomeBase Server de EMC, versiones 6.2.x anteriores a 6.2.3 y versiones 6.3.x anteriores a 6.3.2, permite a los atacantes remotos sobrescribir archivos arbitrarios con cualquier contenido y en consecuencia, ejecutar código arbitrario por medio de un .. (punto punto) en un parámetro no especificado. This vulnerability allows remote attackers to upload arbitrary files on vulnerable installations of EMC HomeBase Server. • https://www.exploit-db.com/exploits/17219 http://securityreason.com/securityalert/8230 http://www.securityfocus.com/archive/1/509723/100/0/threaded http://www.securityfocus.com/bid/38380 http://www.vupen.com/english/advisories/2010/0458 http://www.zerodayinitiative.com/advisories/ZDI-10-020 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.0EPSS: 81%CPEs: 1EXPL: 3CVE-2009-3744 – EMC RepliStor Server 6.3.1.3 - Denial of Service
https://notcve.org/view.php?id=CVE-2009-3744
rep_serv.exe 6.3.1.3 in the server in EMC RepliStor allows remote attackers to cause a denial of service via a crafted packet to TCP port 7144. rep_serv.exe v6.3.1.3 en el servidor en EMC RepliStor permite a atacantes remotos causar una denegación de servicio a través del un paquete manipulado al puerto TCP 7144. • https://www.exploit-db.com/exploits/9879 http://retrogod.altervista.org/9sg_emc_repli_crash.html http://www.securityfocus.com/archive/1/507322/100/0/threaded http://www.securityfocus.com/bid/36738 •
CVSS: 9.3EPSS: 94%CPEs: 1EXPL: 3CVE-2009-3573 – EMC Captiva PixTools 2.2 Distributed Imaging - ActiveX Control Multiple Insecure Method Vulnerabilities
https://notcve.org/view.php?id=CVE-2009-3573
Multiple insecure method vulnerabilities in the PDIControl.PDI.1 ActiveX control (PDIControl.dll) 2.2.3160.0 in EMC Captiva PixTools Distributed Imaging 2.2 allow remote attackers to create or overwrite arbitrary files via the (1) SetLogFileName and (2) WriteToLog methods. Múltiples vulnerabilidades de método inseguro en el control ActiveX PDIControl.PDI.1 (PDIControl.dll) v2.2.3160.0 en EMC Captiva PixTools Distributed Imaging v2.2 permite a atacantes remotos crear o sobrescribir ficheros de forma arbitraria a traves de los métodos (1) SetLogFileName y (2) WriteToLog. • https://www.exploit-db.com/exploits/33263 http://secunia.com/advisories/36896 http://www.securityfocus.com/bid/36566 http://www.shinnai.net/xplits/TXT_17zVMhRhsRE6qC6DAj52.html http://www.vupen.com/english/advisories/2009/2808 https://exchange.xforce.ibmcloud.com/vulnerabilities/53555 •