CVE-2009-1120
First published: Wed Jan 15 2020(Updated: )
EMC RepliStor Server Service before ESA-09-003 has a DoASOCommand Remote Code Execution Vulnerability. The flaw exists within the DoRcvRpcCall RPC function -exposed via the rep_srv.exe process- where the vulnerability is caused by an error when the rep_srv.exe handles a specially crafted packet sent by an unauthenticated attacker.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| EMC Replistor | <esa-09-003 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2009-1120?
CVE-2009-1120 has been classified as a critical vulnerability due to its potential for remote code execution.
How do I fix CVE-2009-1120?
To fix CVE-2009-1120, upgrade your EMC RepliStor software to a version after ESA-09-003.
What is the impact of CVE-2009-1120?
The impact of CVE-2009-1120 allows an attacker to execute arbitrary code with the privileges of the RepliStor service.
Which software versions are affected by CVE-2009-1120?
CVE-2009-1120 affects EMC RepliStor Server Service versions prior to ESA-09-003.
How is CVE-2009-1120 exploited?
CVE-2009-1120 can be exploited by sending specially crafted packets to the vulnerable RPC function in the rep_srv.exe process.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/author
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/dell
- canonical/emc replistor