|
|
|||
| Rule General Information |
|---|
| Release Date: | 2019-04-22 | |
| Rule Name: | EMC Autostart Ftagent Opcode 85 Subcode 33 SQL Injection Vulnerability -1 (CVE-2015-0538) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | ftagent.exe in EMC AutoStart 5.4.x and 5.5.x before 5.5.0.508 HF4 allows remote attackers to execute arbitrary commands via crafted packets. | |
| Impact: | A remote unauthenticated attacker can leverage this vulnerability by sending malicious requests to the ftagent process. Successful exploitation will result in execution of arbitrary code with SYSTEM privileges on Windows platforms or root privileges on Unix-like systems. | |
| Affected OS: | Windows | |
| Reference: | SecurityTrackerID:1032237 http://packetstormsecurity.com/files/131749/EMC-AutoStart-5.4.3-5.5.0-Packet-Injection.html http://seclists.org/bugtraq/2015/May/25 http://www.kb.cert.org/vuls/id/581276 |
|
| Solutions |
|---|
| The vendors have released upgrade patches to fix vulnerabilities, please visit: http://www.emc.com/storage/autostart.htm |