3 results (0.010 seconds)

CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0

The client in EMC Replication Manager (RM) before 5.5.3.0_01-PatchHotfix, EMC Network Module for Microsoft 3.x, and EMC Networker Module for Microsoft 8.2.x before 8.2.3.6 allows remote RM servers to execute arbitrary commands by placing a crafted script in an SMB share. El cliente en EMC Replication Manager (RM) en versiones anteriores a 5.5.3.0_01-PatchHotfix, EMC Network Module para Microsoft 3.x y EMC Networker Module para Microsoft 8.2.x en versiones anteriores a 8.2.3.6 permite a servidores RM remotos ejecutar comandos arbitrarios colocando una secuencia de comandos manipulada en un recurso compartido SMB. • http://seclists.org/bugtraq/2016/Oct/6 http://www.securityfocus.com/bid/93348 http://www.securitytracker.com/id/1036940 • CWE-20: Improper Input Validation •

CVSS: 2.1EPSS: 0%CPEs: 4EXPL: 0

The (1) install and (2) upgrade processes in EMC NetWorker Module for Microsoft Applications (NMM) 2.2.1, 2.3 before build 122, and 2.4 before build 375, when Exchange Server is used, allow local users to read cleartext administrator credentials via unspecified vectors. El proceso del (1) instalación and (2) actualización en EMC NetWorker Module para Microsoft Applications (NMM) v2.2.1, v2.3 anterior al build v122, y v2.4 anterior al build v375, cuando el Exchange Server es usado, permite a usuarios locales leer las credenciales del administrador en texto plano mediante vectores desconocidos vectors. • http://archives.neohapsis.com/archives/bugtraq/2012-10/0068.html http://osvdb.org/86157 http://secunia.com/advisories/50957 http://www.securityfocus.com/bid/55883 http://www.securitytracker.com/id?1027647 • CWE-255: Credentials Management Errors •

CVSS: 9.3EPSS: 6%CPEs: 3EXPL: 0

The client in EMC NetWorker Module for Microsoft Applications (NMM) 2.2.1, 2.3 before build 122, and 2.4 before build 375 allows remote attackers to execute arbitrary code by sending a crafted message over a TCP communication channel. El cliente de EMC NetWorker Module para Microsoft Applications (NMM) v2.2.1, v2.3 anterior al build v122, y v2.4 anterior al build 375 permite a atacantes remotos ejecutar código arbitrario mediante el envío de un mensaje elaborado por un canal de comunicación TCP. • http://archives.neohapsis.com/archives/bugtraq/2012-10/0068.html http://osvdb.org/86158 http://secunia.com/advisories/50957 http://www.securityfocus.com/bid/55883 http://www.securitytracker.com/id?1027647 • CWE-94: Improper Control of Generation of Code ('Code Injection') •