Intrusion Prevention

EMC.AlphaStor.Library.Manager.Arbitrary.Command.Execution

Description

This indicates an attack attempt against an Arbitrary Command Execution vulnerability in EMC AlphaStor.
The vulnerability is caused by the improper validation of requests prior to them being passed as arguments. Remote attackers can exploit this to execute arbitrary commands on vulnerable systems.

Affected Products

EMC AlphaStor 3.1 SP1
EMC AlphaStor 4.0 prior to build 800

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Refer to the vendor's website for a patch.
http://www.emc.com
Apply the latest update from the vendor.
http://seclists.org/bugtraq/2013/Jan/att-78/ESA-2012-008.txt