Vulnerabilities > EMC

DATE CVE VULNERABILITY TITLE RISK
2008-12-10 CVE-2008-5419 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in EMC Control Center 5.2/6.0
Stack-based buffer overflow in SAN Manager Master Agent service (aka msragent.exe) in EMC Control Center 5.2 SP5 and 6.0 allows remote attackers to execute arbitrary code via multiple SST_CTGTRANS requests.
network
low complexity
emc CWE-119
critical
10.0
2008-07-30 CVE-2008-3370 SQL Injection vulnerability in EMC Centera Universal Access 4.04735
SQL injection vulnerability in the CUA Login Module in EMC Centera Universal Access (CUA) 4.0_4735.p4 allows remote attackers to execute arbitrary SQL commands via the user (user name) field.
network
low complexity
emc CWE-89
7.5
2008-07-24 CVE-2008-3288 Cryptographic Issues vulnerability in EMC Dantz Retrospect Backup Server 7.5.508
The Server Authentication Module in EMC Dantz Retrospect Backup Server 7.5.508 uses a "weak hash algorithm," which makes it easier for context-dependent attackers to recover passwords.
network
low complexity
emc CWE-310
5.0
2008-04-14 CVE-2008-0963 USE of Externally-Controlled Format String vulnerability in EMC Diskxtender 6.20.060
Format string vulnerability in EMC DiskXtender MediaStor 6.20.060 allows remote authenticated users to execute arbitrary code via a crafted message to the RPC interface.
network
low complexity
emc CWE-134
critical
9.0
2008-04-14 CVE-2008-0962 Buffer Errors vulnerability in EMC Diskxtender 6.20.060
Stack-based buffer overflow in the File System Manager for EMC DiskXtender 6.20.060 allows remote authenticated users to execute arbitrary code via a crafted request to the RPC interface.
network
low complexity
emc CWE-119
critical
9.0
2008-04-14 CVE-2008-0961 Use of Hard-coded Credentials vulnerability in EMC Diskxtender 6.20.060
EMV DiskXtender 6.20.060 has a hard-coded login and password, which allows remote attackers to bypass authentication via the RPC interface.
network
low complexity
emc CWE-798
critical
9.8
2008-02-21 CVE-2007-6426 Buffer Errors vulnerability in EMC Replistor 6.2Sp2
Multiple heap-based buffer overflows in EMC RepliStor 6.2 SP2, and possibly earlier versions, allow remote attackers to execute arbitrary code via crafted compressed data.
network
low complexity
emc CWE-119
7.8
2008-02-07 CVE-2008-0656 Improper Input Validation vulnerability in EMC Documentum Administrator and Documentum Webtop
Unrestricted file upload vulnerability in dmclTrace.jsp in EMC Documentum Administrator 5.3.0.313 and Webtop 5.3.0.317 allows remote attackers to overwrite arbitrary files via the filename attribute.
network
low complexity
emc CWE-20
critical
10.0
2007-10-11 CVE-2007-5323 Buffer Errors vulnerability in EMC Replistor 6.1.3
The RepliStor Server Service in EMC Replistor 6.1.3 allows remote attackers to execute arbitrary code via a size value that causes RepliStor to create a smaller buffer than expected, which triggers a buffer overflow when that buffer is used in a recv function call.
network
low complexity
emc CWE-119
critical
10.0
2007-09-21 CVE-2007-5024 Cryptographic Issues vulnerability in EMC VMWare Server 1.0.4/1.0.4Build56528
EMC VMware Server before 1.0.4 Build 56528 writes passwords in cleartext to unspecified log files, which allows local users to obtain sensitive information by reading these files, a different vulnerability than CVE-2005-3620.
local
low complexity
emc CWE-310
2.1