Denial of Service Vulnerability in HP StorageWorks Double-Take
CVE-2008-0974

Currently unrated

Key Information:

Vendor: HP
Status: Storageworks Double-take; Double-take
Vendor: CVE Published:; 25 February 2008

Summary

HP StorageWorks Double-Take versions 5.0.0.2865 and earlier are susceptible to a denial of service vulnerability that can be exploited by remote attackers. This vulnerability can trigger daemon termination through two methods: first, by sending a large vector value which causes a 'vector too long' exception, and second, by transmitting a specific packet that leads to an exception in the ospace/time/src\date.cpp file. These exploitation vectors allow attackers to disrupt the service, potentially leading to loss of availability.

References

http://www.vupen.com/english/advisories/2008/0666

vdb-entryx_refsource_VUPEN

http://aluigi.altervista.org/adv/doubletakedown-adv.txt

x_refsource_MISC

http://securityreason.com/securityalert/3698

third-party-advisoryx_refsource_SREASON

Timeline

Vulnerability published
Feb 25, 2008
Vulnerability Reserved
Feb 25, 2008