CVSS: 7.2EPSS: 0%CPEs: 14EXPL: 0CVE-2012-2291
https://notcve.org/view.php?id=CVE-2012-2291
EMC Avamar Client 4.x, 5.x, and 6.x on HP-UX and Mac OS X, and the EMC Avamar plugin 4.x, 5.x, and 6.x for Oracle, uses world-writable permissions for cache directories, which allows local users to gain privileges via an unspecified symlink attack. EMC Avamar Client v4.x, v5.x y 6.x en HP-UX y Mac OS X, y el complemento EMC Avamar v4.x, v5.x, y x6.x para Oracle, usa permisos de escritura globales para directorios cache, lo que permite a usuarios locales ibtener privilegios a través de ataque simbólico sin especificar • http://archives.neohapsis.com/archives/bugtraq/2013-01/0086.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.7EPSS: 0%CPEs: 8EXPL: 0CVE-2011-1740
https://notcve.org/view.php?id=CVE-2011-1740
EMC Avamar 4.x, 5.0.x, and 6.0.x before 6.0.0-592 allows remote authenticated users to modify client data or obtain sensitive information about product activities by leveraging privileged access to a different domain. EMC Avamar v4.x, v5.0.x, y v6.0.x antes de v6.0.0-592 permite modificar los datos del cliente a usuarios remotos autenticados para obtener información confidencial sobre las actividades del producto, aprovechando el acceso privilegiado a un dominio diferente. • http://archives.neohapsis.com/archives/bugtraq/2011-09/0076.html http://secunia.com/advisories/45988 http://secunia.com/advisories/46002 http://securitytracker.com/id?1026035 https://exchange.xforce.ibmcloud.com/vulnerabilities/69760 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 3.5EPSS: 0%CPEs: 3EXPL: 0CVE-2011-0442
https://notcve.org/view.php?id=CVE-2011-0442
The service utility in EMC Avamar 5.x before 5.0.4 uses cleartext to transmit event details in (1) service requests and (2) e-mail messages, which might allow remote attackers to obtain sensitive information by sniffing the network. La utilidad de servicio en EMC Avamar v5.x anterior a v5.0.4 utiliza texto claro para transmitir los detalles del evento en una (1) petición de servicio y (2) mensajes de correo electrónico, lo que podría permitir a atacantes remotos obtener información sensible espiando la red . • http://secunia.com/advisories/43797 http://securityreason.com/securityalert/8139 http://www.securityfocus.com/archive/1/517022/100/0/threaded http://www.securityfocus.com/bid/46879 http://www.securitytracker.com/id?1025213 http://www.vupen.com/english/advisories/2011/0677 http://www.vupen.com/english/advisories/2011/0678 https://exchange.xforce.ibmcloud.com/vulnerabilities/66109 • CWE-310: Cryptographic Issues •
CVSS: 8.5EPSS: 0%CPEs: 3EXPL: 0CVE-2011-0648
https://notcve.org/view.php?id=CVE-2011-0648
Unspecified vulnerability in EMC Avamar before 5.0.4-30 allows remote authenticated users to gain privileges via unknown vectors. Vulnerabilidad no especificada en EMC Avamar anterior a v5.0.4-30 permite a usuarios remotos autenticados obtener privilegios a través de vectores desconocidos . • http://osvdb.org/71181 http://secunia.com/advisories/43749 http://securityreason.com/securityalert/8138 http://www.securityfocus.com/archive/1/517024/100/0/threaded http://www.securityfocus.com/bid/46874 https://exchange.xforce.ibmcloud.com/vulnerabilities/66108 •
CVSS: 7.1EPSS: 2%CPEs: 2EXPL: 0CVE-2010-1919
https://notcve.org/view.php?id=CVE-2010-1919
Unspecified vulnerability in EMC Avamar 4.1.x and 5.0 before SP1 allows remote attackers to cause a denial of service (gsan service hang) by sending a crafted message using TCP. Vulnerabilidad sin especificar en EMC Avamar v4.1.x y v5.0 anterior a SP1 permite a atacantes remotos provocar una denegación de servicio (servicio gsan colgado) enviando un mensaje manipulado utilizando TCP. • http://archives.neohapsis.com/archives/bugtraq/2010-05/0254.html http://secunia.com/advisories/39919 http://securitytracker.com/id?1024036 http://www.packetstormsecurity.org/1005-advisories/ESA-2010-007.txt http://www.securityfocus.com/bid/40390 http://www.vupen.com/english/advisories/2010/1253 •