Intrusion Prevention

HP.StorageWorks.Storage.Mirroring.Authentication.Overflow

Description

This indicates an attempt to exploit a stack-based buffer-overflow vulnerability in the HP StorageWorks Storage Mirroring software.
The vulnerability is caused by an error when the vulnerable software handles authentication requests. It allows a remote attacker to execute arbitrary code via sending a crafted packet. Note that no authentication is required to exploit this issue.

Affected Products

HP StorageWorks Storage Mirroring software v4.5
HP StorageWorks Storage Mirroring software v4.5 Service Pack 1

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Upgrade to HP StorageWorks Storage Mirroring software v4.5 Service Pack 2 (SP2) available at the following URL: http://www.doubletake.com/products/double-take/default.aspx

CVE References

CVE-2008-1661