Metasploit modules that can be used to exploit EMC products
-
EMC CTA v10.0 Unauthenticated XXE Arbitrary File Read
Disclosure Date: 2014-03-31First seen: 2020-04-26auxiliary/gather/emc_cta_xxeEMC CTA v10.0 is susceptible to an unauthenticated XXE attack that allows an attacker to read arbitrary files from the file system with the permissions of the root user. Authors: - Brandon Perry <bperry.volatile@gmail.com> -
EMC AlphaStor Device Manager Opcode 0x75 Command Injection
Disclosure Date: 2013-01-18First seen: 2020-04-26exploit/windows/emc/alphastor_device_manager_execThis module exploits a flaw within the Device Manager (rrobtd.exe). When parsing the 0x75 command, the process does not properly filter user supplied input allowing for arbitrary command injection. This module has been tested successfully on EMC AlphaStor 4.0 build 116 with Windows 2003 SP2 and Windows 2008 R2. Authors: - Anyway <Aniway.Anyway@gmail.com> - Preston Thornburn <prestonthornburg@gmail.com> - Mohsan Farid <faridms@gmail.com> - Brent Morris <inkrypto@gmail.com> - juan vazquez <juan.vazquez@metasploit.com> -
EMC Networker Format String
Disclosure Date: 2012-08-29First seen: 2020-04-26exploit/windows/emc/networker_format_stringThis module exploits a format string vulnerability in the lg_sprintf function as implemented in liblocal.dll on EMC Networker products. This module exploits the vulnerability by using a specially crafted RPC call to the program number 0x5F3DD, version 0x02, and procedure 0x06. This module has been tested successfully on EMC Networker 7.6 SP3 on Windows XP SP3 and Windows 2003 SP2 (DEP bypass). Authors: - Aaron Portnoy - Luigi Auriemma <aluigi@autistici.org> - juan vazquez <juan.vazquez@metasploit.com> -
EMC Replication Manager Command Execution
Disclosure Date: 2011-02-07First seen: 2020-04-26exploit/windows/emc/replication_manager_execThis module exploits a remote command-injection vulnerability in EMC Replication Manager client (irccd.exe). By sending a specially crafted message invoking RunProgram function an attacker may be able to execute arbitrary commands with SYSTEM privileges. Affected products are EMC Replication Manager < 5.3. This module has been successfully tested against EMC Replication Manager 5.2.1 on XP/W2003. EMC Networker Module for Microsoft Applications 2.1 and 2.2 may be vulnerable too although this module have not been tested against these products. Authors: - Unknown - Davy Douhine -
EMC ApplicationXtender (KeyWorks) ActiveX Control Buffer Overflow
Disclosure Date: 2009-09-29First seen: 2020-04-26exploit/windows/fileformat/emc_appextender_keyworksThis module exploits a stack buffer overflow in the KeyWorks KeyHelp ActiveX Control (KeyHelp.ocx 1.2.3120.0). This ActiveX Control comes bundled with EMC's Documentation ApplicationXtender 5.4. Authors: - MC <mc@metasploit.com>
3 metasploit modules found
Please note: Metasploit modules are only matched by CVE numbers.
Visit metasploit web site for more details