CVE Vulnerabilities

CVE-2007-1593

Published: Jun 04, 2007 | Modified: Jul 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

The administrative service in Symantec Veritas Volume Replicator (VVR) for Windows 3.1 through 4.3, and VVR for Unix 3.5 through 5.0, in Symantec Storage Foundation products allows remote attackers to cause a denial of service (memory consumption and service crash) via a crafted packet to the service port (8199/tcp) that triggers a request for more memory than available, which causes the service to write to an invalid pointer.

Affected Software

Name Vendor Start Version End Version
Veritas_volume_replicator Symantec 3.1 (including) 3.1 (including)
Veritas_volume_replicator Symantec 3.5 (including) 3.5 (including)
Veritas_volume_replicator Symantec 4.0 (including) 4.0 (including)
Veritas_volume_replicator Symantec 4.1 (including) 4.1 (including)
Veritas_volume_replicator Symantec 4.1-rp1 (including) 4.1-rp1 (including)
Veritas_volume_replicator Symantec 4.2 (including) 4.2 (including)
Veritas_volume_replicator Symantec 4.2-rp1 (including) 4.2-rp1 (including)
Veritas_volume_replicator Symantec 4.2-rp2 (including) 4.2-rp2 (including)
Veritas_volume_replicator Symantec 4.3 (including) 4.3 (including)
Veritas_volume_replicator Symantec 4.3-mp3 (including) 4.3-mp3 (including)
Veritas_volume_replicator Symantec 5.0 (including) 5.0 (including)

References