CVSS: 5.0EPSS: 3%CPEs: 1EXPL: 0CVE-2008-3287
https://notcve.org/view.php?id=CVE-2008-3287
retroclient.exe in EMC Dantz Retrospect Backup Client 7.5.116 allows remote attackers to cause a denial of service (daemon crash) via malformed packets to TCP port 497, which trigger a NULL pointer dereference. retroclient.exe en EMC Dantz Retrospect Backup Client 7.5.116 permite a atacantes remotos provocar una denegación de servicio (caída del demonio) mediante paquetes TCP mal formados al puerto 497, lo que dispara una referencia a puntero nulo. • http://kb.dantz.com/display/2/articleDirect/index.asp?aid=9692&r=0.5160639 http://secunia.com/advisories/31186 http://securityreason.com/securityalert/4031 http://www.fortiguardcenter.com/advisory/FGA-2008-16.html http://www.securityfocus.com/archive/1/494562/100/0/threaded http://www.securityfocus.com/bid/30313 http://www.vupen.com/english/advisories/2008/2150/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43926 • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2008-3288
https://notcve.org/view.php?id=CVE-2008-3288
The Server Authentication Module in EMC Dantz Retrospect Backup Server 7.5.508 uses a "weak hash algorithm," which makes it easier for context-dependent attackers to recover passwords. El Server Authentication Module de EMC Dantz Retrospect Backup Server 7.5.508 utiliza un "algoritmo hash débil", lo que facilita a atacantes dependientes del contexto recuperar contraseñas. • http://kb.dantz.com/display/2/articleDirect/index.asp?aid=9692&r=0.5160639 http://secunia.com/advisories/31186 http://securityreason.com/securityalert/4026 http://www.fortiguardcenter.com/advisory/FGA-2008-16.html http://www.securityfocus.com/archive/1/494636/100/0/threaded http://www.securityfocus.com/bid/30319 http://www.securitytracker.com/id?1020534 http://www.vupen.com/english/advisories/2008/2150/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43935 • CWE-310: Cryptographic Issues •
CVSS: 10.0EPSS: 15%CPEs: 1EXPL: 0CVE-2008-2157 – EMC AlphaStor Device Manager Arbitrary Command Execution
https://notcve.org/view.php?id=CVE-2008-2157
robotd in the Library Manager in EMC AlphaStor 3.1 SP1 for Windows allows remote attackers to execute arbitrary commands via an unspecified string field in a packet to TCP port 3500. robotd en la Library Manager de EMC AlphaStor 3.1 SP1 para Windows, permite a atacantes remotos ejecutar comandos de su elección mediante un campo de cadena no especificado en un paquete al puerto TCP 3500. EMC AlphaStor Library Manager is prone to a remote command-injection vulnerability because the application fails to properly sanitize user-supplied input. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=703 http://secunia.com/advisories/30410 http://securitytracker.com/id?1020116 http://www.vupen.com/english/advisories/2008/1670 https://exchange.xforce.ibmcloud.com/vulnerabilities/42671 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 65%CPEs: 1EXPL: 1CVE-2008-2158 – EMC AlphaStor Agent - Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-2158
Multiple stack-based buffer overflows in the Command Line Interface process in the Server Agent in EMC AlphaStor 3.1 SP1 for Windows allow remote attackers to execute arbitrary code via crafted TCP packets to port 41025. Múltiples desbordamientos de búfer basados en pila en el proceso de Interfaz de Línea de Comandos (Command Line Interface) en el Server Agent en EMC AlphaStor 3.1 SP1 para Windows permite a atacantes remotos ejecutar código de su elección mediante paquetes TCP manipulados al puerto 41025. • https://www.exploit-db.com/exploits/16391 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=702 http://secunia.com/advisories/30410 http://securitytracker.com/id?1020115 http://www.securityfocus.com/bid/29399 http://www.vupen.com/english/advisories/2008/1670 https://exchange.xforce.ibmcloud.com/vulnerabilities/42669 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.0EPSS: 2%CPEs: 1EXPL: 0CVE-2008-0963
https://notcve.org/view.php?id=CVE-2008-0963
Format string vulnerability in EMC DiskXtender MediaStor 6.20.060 allows remote authenticated users to execute arbitrary code via a crafted message to the RPC interface. Vulnerabilidad de Formato de Cadena en EMC DiskXtender MediaStor 6.20.060, permite a usuarios remotos autenticados ejecutar código de su elección a través de un mensaje manipulado al interfaz RPC. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=685 http://secunia.com/advisories/29778 http://www.osvdb.org/44417 http://www.securityfocus.com/bid/28727 http://www.securityfocus.com/bid/28729 http://www.securitytracker.com/id?1019829 http://www.vupen.com/english/advisories/2008/1198/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41773 • CWE-134: Use of Externally-Controlled Format String •