CVE-2008-2158

Related Files

EMC AlphaStor Agent Buffer Overflow

Posted Nov 26, 2009

Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in EMC AlphaStor 3.1. By sending a specially crafted message, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary

advisories | CVE-2008-2158

SHA-256 | 8d5b6a48b3d7f5a8de8e276bf81f237545164da6f22f4d76a285254c369b1853

Download | Favorite | View

iDEFENSE Security Advisory 2008-05-27.1

Posted May 27, 2008

Authored by iDefense Labs, Sean Larsson, Stephen Fewer | Site idefense.com

iDefense Security Advisory 05.27.08 - Remote exploitation of multiple stack based buffer overflow vulnerabilities in EMC Corp.'s AlphaStor could allow an attacker to execute arbitrary code with SYSTEM privileges. AlphaStor consists of multiple applications, one of which is the Server Agent. The Server Agent is one of the core components of AlphaStor, and is used to initiate disk management requests. The Agent consists of several processes, one of which is the AlphaStor Command Line Interface process. This process listens on TCP port 41025, and is prone to multiple stack based buffer overflow vulnerabilities. iDefense has confirmed the existence of these vulnerabilities in AlphaStor version 3.1 SP1 for Windows. Previous versions, as well as versions for other platforms, may also be affected.

tags | advisory, remote, overflow, arbitrary, tcp, vulnerability

systems | windows

advisories | CVE-2008-2158

SHA-256 | 8da9b9e7f94fd0d1345754a53a84aca4080928bbb8dcd14ed122e9038bc29440

Download | Favorite | View