T-699: EMC AutoStart Buffer Overflows Let Remote Users Execute Arbitrary Code

August 23, 2011 - 3:35pm

PROBLEM:

A vulnerability was reported in EMC AutoStart. A remote user can execute arbitrary code on the target system.

PLATFORM:

EMC AutoStart 5.3.x and EMC AutoStart 5.4.x

ABSTRACT:

EMC AutoStart Buffer Overflows Let Remote Users Execute Arbitrary Code.

REFERENCE LINKS:

SecurityTracker Alert ID: 1025958
ESA-2011-025
EMC Product Report
CVE-2011-2735
Secunia ID: SA45703

IMPACT ASSESSMENT:

High

Discussion:

EMC AutoStart contains multiple buffer overflow vulnerabilities that can be exploited to potentially cause a denial of service or, possibly, to execute arbitrary code within the context of the affected application.
Multiple vulnerabilities have been reported in EMC AutoStart, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.
The vulnerabilities are caused by unspecified errors and can be exploited to cause buffer overflows via specially crafted messages. Successful exploitation may allow execution of arbitrary code.

Impact:

EMC AutoStart contains multiple buffer overflow vulnerabilities. The vulnerabilities may allow an unauthenticated user to send a specially crafted message over TCP to potentially cause a denial of service or, possibly, to execute arbitrary code within the context of the affected application.
DoS (Denial of Service): vulnerabilities ranging from excessive resource consumption (e.g. causing a system to use a lot of memory) to crashing an application or an entire system.
System access: vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user.

Solution:

The following EMC AutoStart products contain updates to address these issues.
EMC AutoStart Technical Info
EMC Support
