Release date:
Updated on: 2013-01-23
Affected Systems:
EMC AlphaStor 4.0
Description:
--------------------------------------------------------------------------------
Bugtraq id: 57472
CVE (CAN) ID: CVE-2013-0929
AlphaStor is an application component used to manage disks.
The _ vsnsprintf function in rrobotd.exe of Device managerin versions earlier than EMC AlphaStor 4.0 Build 800 has a security vulnerability that allows remote attackers to execute arbitrary code by specifying the format string in the command.
<* Source: Aniway.Anyway@gmail.com
Link: http://web.nvd.nist.gov/view/vuln/detail? VulnId = CVE-2013-0929
Http://archives.neohapsis.com/archives/bugtraq/2013-01/att-0078/ESA-2012-008.txt
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
EMC
---
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.emc.com/products/storage_management/navisphere.jsp