Denial of Service Vulnerability in Double-Take by HP
CVE-2008-0976

Currently unrated

Key Information:

Vendor: HP
Status: Storageworks Double-take; Double-take
Vendor: CVE Published:; 25 February 2008

Summary

The vulnerability in Double-Take 5.0.0.2865 and earlier versions allows remote attackers to exploit a denial of service condition. By sending specially crafted packets of types 0x2722 or 0x272a, an attacker can trigger a NULL pointer dereference, which leads to a crash of the daemon process. This weakness can disrupt service availability, leaving systems vulnerable to further attacks.

References

http://www.vupen.com/english/advisories/2008/0666

vdb-entryx_refsource_VUPEN

http://aluigi.altervista.org/adv/doubletakedown-adv.txt

x_refsource_MISC

http://securityreason.com/securityalert/3698

third-party-advisoryx_refsource_SREASON

Timeline

Vulnerability published
Feb 25, 2008
Vulnerability Reserved
Feb 25, 2008