Security update for EMC RepliStor
Security services provider iDefense has discovered several heap overflows in EMC's RepliStor Windows file system replication tool. These could be used to take remote control of a system. The vulnerabilities are all reported to be located in the file compression code.
A successful attack requires access to TCP ports 7144 or 7145. Authentication is not required. The error was discovered in EMC RepliStor Version 6.2 SP2, but earlier versions are probably also vulnerable. The manufacturer has provided an Update for registered users.
- EMC RepliStor Multiple Heap Overflow Vulnerabilities, vulnerability report by iDefense