Re: Multiple vulnerabilities in Double-Take 5.0.0.2865
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Re: Multiple vulnerabilities in Double-Take 5.0.0.2865
- From: Steve Shockley <steve.shockley@xxxxxxxxxxxx>
- Date: Thu, 06 Mar 2008 16:14:03 -0500
- In-reply-to: <47C3702B.6070804@xxxxxxxxxxxx>
- User-agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9b5pre) Gecko/2008030503 Thunderbird/3.0a1pre Mnenhy/0.7.5.0
Luigi Auriemma wrote:
Application: Double-Take
Double Take responded:
You may be aware of a recent posting of “vulnerabilities” in Double-Take
5.0 by an Italian gentleman, Luigi Auriemma. Essentially he found that
sending packets of malformed data to our service will crash the service.
He also found that given access to the network, he could find a server’s
operating system, Ethernet adapters, printer driver, list of partitions
and their file systems, and recent Double-Take log entries.
These issues are not new and pose a low security risk. They do not
result in unauthorized system access, data access, or data corruption.
They also require the ability to send/receive packets directly to/from a
server, which would require prior access to your network.
We want to assure you that these are not cause for concern and that we
are working to close these gaps.
[Index of Archives]
[Linux Security]
[Netfilter]
[PHP]
[Yosemite News]
[Linux Kernel]
