5.0.0.2865

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

double-take-software

NVD

Published: 2008-02-25

Updated: 2024-11-21

Summary

Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service (CPU consumption) via a -1 value in the field that specifies the size of the vector<T> value.

Vulnerable Configurations

Part	Description	Count
Application	Double-Take_Software Double Take Software Double Take 5.0.0.2865 Double Take Software Double Take 4.5	2

Statements

contributor
lastmodified	2009-05-08
organization	Double-Take
statement	This issue was fixed in version 5.1 which was released July 11, 2008

References

http://aluigi.altervista.org/adv/doubletakedown-adv.txt
http://aluigi.altervista.org/adv/doubletakedown-adv.txt
http://aluigi.org/poc/doubletakedown.zip
http://aluigi.org/poc/doubletakedown.zip
http://secunia.com/advisories/29075
http://secunia.com/advisories/29075
http://securityreason.com/securityalert/3698
http://securityreason.com/securityalert/3698
http://www.securityfocus.com/archive/1/488632/100/0/threaded
http://www.securityfocus.com/archive/1/488632/100/0/threaded
http://www.securityfocus.com/bid/27951
http://www.securityfocus.com/bid/27951
http://www.vupen.com/english/advisories/2008/0666
http://www.vupen.com/english/advisories/2008/0666