Contact us

Solutions

Featured solutions AI Campus and branch Data center WAN Security Service provider Cloud operator Industries

Services

Services

Take me to HPE.com

APP: EMC AutoStart Packet Injection Remote Command Execution

This signature detects attempts to exploit a known vulnerability against EMC. A successful exploit can lead to remote command execution.

Extended Description

ftagent.exe in EMC AutoStart 5.4.x and 5.5.x before 5.5.0.508 HF4 allows remote attackers to execute arbitrary commands via crafted packets.

Affected Products

Emc autostart

References

CVE: CVE-2015-0538

URL: http://www.zerodayinitiative.com/advisories/zdi-15-171/ http://www.zerodayinitiative.com/advisories/zdi-15-172/

Short Name

APP:EMC-PACKT-INJ-COM-EXEC

Severity

Major

Recommended

True

Recommended Action

Drop

Category

APP

Keywords

AutoStart CVE-2015-0538 Command EMC Execution Injection Packet Remote

Release Date

07/20/2015

Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version

3337

Port

TCP/8045

False Positive

Unknown

Vendors

Emc

CVSS Score

9.3