Update Protection against EMC RepliStor rep_srv and ctrlservice Denial of Service
| Check Point Reference: | CPAI-2009-309 |
| Date Published: | |
| Severity: | |
| Source: | Secunia Advisory: SA37092 |
| Industry Reference(s): | CVE-2009-3744 |
| Protection Provided by: | IPS-1 |

Who is Vulnerable?
EMC RepliStor 6.3.1.3 and prior

Vulnerability Description
A denial of service vulnerability exists in EMC RepliStor. EMC RepliStor is a data recovery and protection system designed for Microsoft Windows. The vulnerability is due to an input validation error in the parsing of a specially crafted packet sent to the 'rep_srv.exe' and 'ctrlservice.exe' services. Successful exploitation would cause a denial of service condition.

Update/Patch Available
The vendor, EMC, has released an advisory addressing this vulnerability: https://powerlink.emc.com/

Vulnerability Details
The vulnerability is due to insufficient bounds checking on user-supplied data while allocating a heap buffer for specific EMC packets. Remote unauthenticated attackers can exploit this vulnerability by sending a malicious packet to the services on ports 7144/TCP and 7145/TCP.

Protection Overview
IPS-1 will detect and block certain malicious packets being sent to the EMC RepliStor process.
To configure the defense, select your product from the list below and follow the related protection steps.