Vulnerability Note VU#581276
EMC AutoStart is vulnerable to remote code execution via specially crafted packets
EMC AutoStart, version 5.5.0 and earlier, is vulnerable to remote command execution via specially crafted packets.
EMC AutoStart is an enterprise software application developed to help networks and service maintain a high level of availability. AutoStart can manage clusters of applications or nodes as well as single instances.
Affected versions of EMC AutoStart fail to communicate securely between nodes, leading to the possibility of packet injection. Remote code execution with SYSTEM or root privileges is possible for attackers with knowledge of the AutoStart domain name. By sending crafted packets to the ftagent running on the remote system, it is possible to run commands to write and execute data to an absolute or relative file path on the remote system.
A remote, unauthenticated user may be able to execute arbitrary commands with SYSTEM or root privileges.
Apply an update
Use a firewall to limit access
Vendor Information (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|EMC Corporation||Affected||08 Sep 2014||28 Apr 2015|
CVSS Metrics (Learn More)
Thanks to the reporter who wishes to remain anonymous.
This document was written by Garret Wassermann.
- CVE IDs: CVE-2015-0538
- Date Public: 30 Apr 2015
- Date First Published: 30 Apr 2015
- Date Last Updated: 30 Apr 2015
- Document Revision: 38
If you have feedback, comments, or additional information about this vulnerability, please send us email.