EMC RepliStor rep_srv.exe Crafted TCP Packet Remote DoS (ESA-09-019)

Medium | Nessus Plugin ID 45371

Synopsis

The remote data recovery service is susceptible to a denial of service attack.

Description

According to its version, the EMC RepliStor Server service running on the remote host may reportedly crash when it processes a specially crafted network packet.

An unauthenticated, remote attacker can leverage this issue to deny service to legitimate users.

Solution

Upgrade to RepliStor 6.4 P2 / RepliStor 6.3 SP3 / RepliStor 6.2 SP5 P2 or later.

See Also

https://seclists.org/bugtraq/2009/Oct/148

Plugin Details

Severity: Medium

ID: 45371

File Name: emc_replistor_esa_09_019.nasl

Version: 1.12

Type: local

Agent: windows

Family: Misc.

Published: 3/29/2010

Updated: 10/25/2021

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.1

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

Required KB Items: SMB/Registry/Enumerated

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/12/2009

Vulnerability Publication Date: 10/20/2009

Exploitable With

Core Impact

Reference Information

CVE: CVE-2009-3744

BID: 36738

Secunia: 37092