what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 3 of 3

Files from Geoffrey Janjua

EMC RecoverPoint Command Injection

Posted Feb 2, 2018

Authored by Geoffrey Janjua, Mike Erman, Alexander Gonzalez, Jack Backer | Site emc.com

EMC RecoverPoint version 5.x suffers from a command injection vulnerability.

tags | advisory

advisories | CVE-2018-1184, CVE-2018-1185

SHA-256 | 6b1050b2ca38267b3498c17f1c55292cdac22c743a228f0a16cc8ca7991c18af

Download | Favorite | View

EMC Data Domain Privilege Escalation

Posted May 5, 2017

Authored by Geoffrey Janjua | Site emc.com

EMC Data Domain OS is potentially vulnerable to a privilege escalation vulnerability. A rogue administrator may be able to log in as the Security Office (SO) and escalate privileges by using SO user?s public key that is stored unprotected on the Data Domain system. Versions 5.2, 5.4, 5.5, 5.6, 5.7 prior to DD OS 5.7.3.0, and 6.0 prior DD OS 6.0.1.0 are affected.

tags | advisory

advisories | CVE-2017-4983

SHA-256 | 61da17b9c0d2b6edce182f8808b1194c9e0556a20d5daa30a0889a0408df310e

Download | Favorite | View

EMC ADS / AVE 7.3.0 Privilege Escalation

Posted Oct 20, 2016

Authored by Geoffrey Janjua, Matteo Tarbet | Site emc.com

EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) versions 7.3 and older contain a vulnerability that may expose the Avamar servers to potentially be compromised by malicious users.

tags | advisory

advisories | CVE-2016-0909

SHA-256 | 21fd79cfda57fbd6d590a4128ee0cc95685b3feb95caedb9d7eda3775d1cf70d

Download | Favorite | View