Metasploit modules that can be used to exploit EMC products

Order by Disclosure Date Module Name Module Type
  • EMC CTA v10.0 Unauthenticated XXE Arbitrary File Read
    Disclosure Date: 2014-03-31
    First seen: 2020-04-26
    auxiliary/gather/emc_cta_xxe
    EMC CTA v10.0 is susceptible to an unauthenticated XXE attack that allows an attacker to read arbitrary files from the file system with the permissions of the root user. Authors: - Brandon Perry <bperry.volatile@gmail.com>
  • EMC AlphaStor Device Manager Opcode 0x75 Command Injection
    Disclosure Date: 2013-01-18
    First seen: 2020-04-26
    exploit/windows/emc/alphastor_device_manager_exec
    This module exploits a flaw within the Device Manager (rrobtd.exe). When parsing the 0x75 command, the process does not properly filter user supplied input allowing for arbitrary command injection. This module has been tested successfully on EMC AlphaStor 4.0 build 116 with Windows 2003 SP2 and Windows 2008 R2. Authors: - Anyway <Aniway.Anyway@gmail.com> - Preston Thornburn <prestonthornburg@gmail.com> - Mohsan Farid <faridms@gmail.com> - Brent Morris <inkrypto@gmail.com> - juan vazquez <juan.vazquez@metasploit.com>
  • EMC Networker Format String
    Disclosure Date: 2012-08-29
    First seen: 2020-04-26
    exploit/windows/emc/networker_format_string
    This module exploits a format string vulnerability in the lg_sprintf function as implemented in liblocal.dll on EMC Networker products. This module exploits the vulnerability by using a specially crafted RPC call to the program number 0x5F3DD, version 0x02, and procedure 0x06. This module has been tested successfully on EMC Networker 7.6 SP3 on Windows XP SP3 and Windows 2003 SP2 (DEP bypass). Authors: - Aaron Portnoy - Luigi Auriemma <aluigi@autistici.org> - juan vazquez <juan.vazquez@metasploit.com>
  • EMC Replication Manager Command Execution
    Disclosure Date: 2011-02-07
    First seen: 2020-04-26
    exploit/windows/emc/replication_manager_exec
    This module exploits a remote command-injection vulnerability in EMC Replication Manager client (irccd.exe). By sending a specially crafted message invoking RunProgram function an attacker may be able to execute arbitrary commands with SYSTEM privileges. Affected products are EMC Replication Manager < 5.3. This module has been successfully tested against EMC Replication Manager 5.2.1 on XP/W2003. EMC Networker Module for Microsoft Applications 2.1 and 2.2 may be vulnerable too although this module have not been tested against these products. Authors: - Unknown - Davy Douhine
  • EMC ApplicationXtender (KeyWorks) ActiveX Control Buffer Overflow
    Disclosure Date: 2009-09-29
    First seen: 2020-04-26
    exploit/windows/fileformat/emc_appextender_keyworks
    This module exploits a stack buffer overflow in the KeyWorks KeyHelp ActiveX Control (KeyHelp.ocx 1.2.3120.0). This ActiveX Control comes bundled with EMC's Documentation ApplicationXtender 5.4. Authors: - MC <mc@metasploit.com>
3 metasploit modules found
Please note: Metasploit modules are only matched by CVE numbers. Visit metasploit web site for more details
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close