Fortinet Discovers EMC RepliStor Integer Overflow Vulnerability
Fortinet's FortiGuard Labs has discovered an integer overflow vulnerability in EMC RepliStor.
SolutionsFortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:
Released Mar 30, 2009
Users should apply the solution provided by EMC.
A remote, unauthenticated user may connect over TCP to the "ctrlservice.exe" or "rep_srv.exe" process and send a specially-crafted message to cause a heap based buffer overflow, which can result in arbitrary code execution.
Xiaopeng Zhang and Zhenhua Liu of Fortinet's FortiGuard Global Security Research Team