virus logo Intrusion Prevention

Veritas.Storage.Foundation.Administrator.Service.Heap.Overflow

description-logoDescription

This indicates an attempt to exploit a heap overflow vulnerability in Symantec VERITAS Storage Foundation.
The vulnerability is caused by a boundry error in vxvea3.dll that occurs when handling a malformed udp packet sent to udp port 3207(administrator service). It allows remote attackers to cause memory corruption or execute arbitrary code via a specially crafted udp packet.

affected-products-logoAffected Products

Veritas Storage Foundation 5.0

Impact logoImpact

System Compromise: remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Refer to the vendor's web site for a suggested workaround.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2023-08-10 25.619 Name:Symantec.
VERITAS.
Administrator.
Service.
Heap.
Overflow:Veritas.
Storage.
Foundation.
Administrator.
Service.
Heap.
Overflow

References

http://secunia.com/advisories/29050/ http://www.zerodayinitiative.com/advisories/ZDI-08-007.html
ID 15434
Created Feb 26, 2008
Updated Aug 09, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
CVE ID CVE-2008-0638
Exploit Prediction Score 92.76%
Default Action drop
Active
Affected OS Windows
Affected App Other