Stack Consumption Vulnerability in HP StorageWorks Storage Mirroring
CVE-2008-0979

Currently unrated

Key Information:

Vendor: HP
Status: Storageworks Double-take; Double-take
Vendor: CVE Published:; 25 February 2008

Summary

A stack consumption vulnerability exists in the Double-Take product, versions 5.0.0.2865 and earlier, under the HP StorageWorks Storage Mirroring name. Remote attackers can exploit this vulnerability by sending specially crafted packets that cause the affected software to call a function recursively, leading to a denial of service condition characterized by crashing the daemon. This vulnerability underscores potential risks for users relying on this software for reliable data protection and disaster recovery.

References

http://www.vupen.com/english/advisories/2008/0666

vdb-entryx_refsource_VUPEN

http://aluigi.altervista.org/adv/doubletakedown-adv.txt

x_refsource_MISC

http://securityreason.com/securityalert/3698

third-party-advisoryx_refsource_SREASON

Timeline

Vulnerability published
Feb 25, 2008
Vulnerability Reserved
Feb 25, 2008