Vulnerabilities > CVE-2009-1120 - Unspecified vulnerability in Dell EMC Replistor
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
EMC RepliStor Server Service before ESA-09-003 has a DoASOCommand Remote Code Execution Vulnerability. The flaw exists within the DoRcvRpcCall RPC function -exposed via the rep_srv.exe process- where the vulnerability is caused by an error when the rep_srv.exe handles a specially crafted packet sent by an unauthenticated attacker.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
References
- http://www.zerodayinitiative.com/advisories/ZDI-09-068/
- http://www.zerodayinitiative.com/advisories/ZDI-09-068/
- https://fortiguard.com/encyclopedia/ips/17967/emc-replistor-server-service-doasocommand-code-execution
- https://fortiguard.com/encyclopedia/ips/17967/emc-replistor-server-service-doasocommand-code-execution