CVE-2008-0974 - Vulnerability Details - OpenCVE

Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service (daemon termination) via (1) a large vector<T> value, which raises a "vector<T> too long" exception; or (2) a certain packet that raises an ospace/time/src\date.cpp exception.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Double-take Software	Double-take
Hp	Storageworks Double-take

Configuration 1 [-]

OR	cpe:2.3:a:double-take_software:double-take::::::::
	cpe:2.3:a:double-take_software:double-take:4.5:::::::*
	cpe:2.3:a:hp:storageworks_double-take::::::::

No data.

References

Link	Providers
http://aluigi.altervista.org/adv/doubletakedown-adv.txt
http://aluigi.org/poc/doubletakedown.zip
http://secunia.com/advisories/29075
http://securityreason.com/securityalert/3698
http://www.securityfocus.com/archive/1/488632/100/0/threaded
http://www.securityfocus.com/bid/27951
http://www.vupen.com/english/advisories/2008/0666

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2008-02-25T23:00:00

Updated: 2024-08-07T08:01:40.173Z

Reserved: 2008-02-25T00:00:00

Link: CVE-2008-0974

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2008-02-25T23:44:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2008-0974

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-02-22T00:00:00", "descriptions": [{"lang": "en", "value": "Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service (daemon termination) via (1) a large vector<T> value, which raises a \"vector<T> too long\" exception; or (2) a certain packet that raises an ospace/time/src\\date.cpp exception."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "ADV-2008-0666", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/0666"}, {"tags": ["x_refsource_MISC"], "url": "http://aluigi.altervista.org/adv/doubletakedown-adv.txt"}, {"name": "3698", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/3698"}, {"name": "27951", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/27951"}, {"tags": ["x_refsource_MISC"], "url": "http://aluigi.org/poc/doubletakedown.zip"}, {"name": "29075", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/29075"}, {"name": "20080222 Multiple vulnerabilities in Double-Take 5.0.0.2865", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/488632/100/0/threaded"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-0974", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service (daemon termination) via (1) a large vector<T> value, which raises a \"vector<T> too long\" exception; or (2) a certain packet that raises an ospace/time/src\\date.cpp exception."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2008-0666", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0666"}, {"name": "http://aluigi.altervista.org/adv/doubletakedown-adv.txt", "refsource": "MISC", "url": "http://aluigi.altervista.org/adv/doubletakedown-adv.txt"}, {"name": "3698", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/3698"}, {"name": "27951", "refsource": "BID", "url": "http://www.securityfocus.com/bid/27951"}, {"name": "http://aluigi.org/poc/doubletakedown.zip", "refsource": "MISC", "url": "http://aluigi.org/poc/doubletakedown.zip"}, {"name": "29075", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29075"}, {"name": "20080222 Multiple vulnerabilities in Double-Take 5.0.0.2865", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/488632/100/0/threaded"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T08:01:40.173Z"}, "title": "CVE Program Container", "references": [{"name": "ADV-2008-0666", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/0666"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://aluigi.altervista.org/adv/doubletakedown-adv.txt"}, {"name": "3698", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/3698"}, {"name": "27951", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/27951"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://aluigi.org/poc/doubletakedown.zip"}, {"name": "29075", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/29075"}, {"name": "20080222 Multiple vulnerabilities in Double-Take 5.0.0.2865", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/488632/100/0/threaded"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-0974", "datePublished": "2008-02-25T23:00:00", "dateReserved": "2008-02-25T00:00:00", "dateUpdated": "2024-08-07T08:01:40.173Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:double-take_software:double-take:*:*:*:*:*:*:*:*", "matchCriteriaId": "7CAE56F4-BE8E-4C4D-8FEE-BCBC85151427", "versionEndIncluding": "5.0.0.2865", "vulnerable": true}, {"criteria": "cpe:2.3:a:double-take_software:double-take:4.5:*:*:*:*:*:*:*", "matchCriteriaId": "F178F692-773F-4D8A-BA9C-78D448126649", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:storageworks_double-take:*:*:*:*:*:*:*:*", "matchCriteriaId": "774A4ECB-35CC-4D62-815E-55B5D25670C1", "versionEndIncluding": "5.0.0.2865", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Double-Take 5.0.0.2865 and earlier, distributed under the HP StorageWorks Storage Mirroring name and other names, allows remote attackers to cause a denial of service (daemon termination) via (1) a large vector<T> value, which raises a \"vector<T> too long\" exception; or (2) a certain packet that raises an ospace/time/src\\date.cpp exception."}, {"lang": "es", "value": "Double-Take versi\u00f3n 5.0.0.0.2865 y anteriores, distribuida bajo el nombre de HP StorageWorks Storage Mirroring y otros nombres, permite a atacantes remotos causar una denegaci\u00f3n de servicio (terminaci\u00f3n del demonio) por medio de (1) un valor vector(T) largo, que genera una excepci\u00f3n \"vector(T) too long\"; o (2) un paquete determinado que genera una excepci\u00f3n de ospace/time/src\\date.cpp."}], "id": "CVE-2008-0974", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-02-25T23:44:00.000", "references": [{"source": "cve@mitre.org", "url": "http://aluigi.altervista.org/adv/doubletakedown-adv.txt"}, {"source": "cve@mitre.org", "url": "http://aluigi.org/poc/doubletakedown.zip"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/29075"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/3698"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/488632/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/27951"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/0666"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://aluigi.altervista.org/adv/doubletakedown-adv.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://aluigi.org/poc/doubletakedown.zip"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/29075"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/3698"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/488632/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/27951"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/0666"}], "sourceIdentifier": "cve@mitre.org", "vendorComments": [{"comment": "This issue was fixed in version 5.1 which was released July 11, 2008", "lastModified": "2009-05-08T00:00:00", "organization": "Double-Take"}], "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}