EMC AutoStart < 5.5.0 HF4 ftAgent Remote Code Execution

High Nessus Plugin ID 83474


The remote host is affected by a remote code execution vulnerability.


The remote host is running a version of the EMC AutoStart ftAgent that is affected by a remote code execution vulnerability due to a failure to communicate securely between nodes. An unauthenticated, remote attacker can exploit this, via specially crafted packets, to execute arbitrary commands on the remote host with root or SYSTEM privileges.


Upgrade to EMC AutoStart (HF4).

See Also


Plugin Details

Severity: High

ID: 83474

File Name: emc_autostart_ftagent_esa-2015-084.nasl

Version: $Revision: 1.2 $

Type: remote

Family: Misc.

Published: 2015/05/14

Modified: 2015/05/15

Dependencies: 61490

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:emc:autostart

Required KB Items: emc/autostart/ftagent/version

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2015/04/30

Vulnerability Publication Date: 2015/04/30

Reference Information

CVE: CVE-2015-0538

BID: 74426

OSVDB: 121542

CERT: 581276