Page 2 of 9 results (0.007 seconds)

CVSS: 7.2EPSS: 0%CPEs: 70EXPL: 0

The nsrpush process in the client in EMC NetWorker before 7.6.5.3 and 8.x before 8.0.1.4 sets weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors. El proceso nsrpush en el cliente en EMC NetWorker anterior a v7.6.5.3 y v8.x anterior a v8.0.1.4 fija permisos débiles para ficheros no especificados, permitiendo a usuarios locales ganar privilegios mediante vectores desconocidos. • http://archives.neohapsis.com/archives/bugtraq/2013-05/0013.html • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.0EPSS: 2%CPEs: 28EXPL: 0

librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2 does not properly mitigate the possibility of a spoofed localhost source IP address, which allows remote attackers to (1) register or (2) unregister RPC services, and consequently cause a denial of service or obtain sensitive information from interprocess communication, via crafted UDP packets containing service commands. librpc.dll en nsrexecd de EMC NetWorker en versiones anteriores a 7.5 SP4, 7.5.3.x anteriores a 7.5.3.5, y 7.6.x anteriores a 7.6.1.2 no mitiga apropiadamente la posibilidad de suplantar una dirección IP de fuente localhost, lo que permite a atacantes remotos (1) registrar o (2) desregistrar servicios RPC, y consecuentemente provocar una denegación de servicio u obtener información confidencial de comunicación entre procesos ("interprocess communication") a través de paquetes UDP modificados que contengan comandos de servicio. This vulnerability allows remote attackers to register RPC services on vulnerable installations of EMC Legato Networker and IBM Informix Dynamic Server. Authentication is not required to exploit this vulnerability. The flaw exists within the librpc.dll component which listens by default on UDP port 111. When handling the pmap_set request the process verifies the source address is "127.0.0.1". This communication is via UDP and a valid source address is not required, a udp packet from source address "127.0.0.1" can be created sent to this service allowing a remote attacker to register and unregister RPC services. • http://archives.neohapsis.com/archives/bugtraq/2011-01/0162.html http://archives.neohapsis.com/archives/bugtraq/2011-01/att-0162/ESA-2011-003.txt http://secunia.com/advisories/43113 http://securitytracker.com/id?1025010 http://www.osvdb.org/70686 http://www.securityfocus.com/bid/46044 http://www.vupen.com/english/advisories/2011/0241 https://exchange.xforce.ibmcloud.com/vulnerabilities/64997 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.3EPSS: 83%CPEs: 5EXPL: 0

Stack-based buffer overflow in the NetWorker Remote Exec Service (nsrexecd.exe) in EMC Software NetWorker 7.x.x allows remote attackers to execute arbitrary code via a (1) poll or (2) kill request with a "long invalid subcmd." Desbordamiento de búfer basado en pila en el Servicio de Ejecución Remota NetWorker (nsrexecd.exe) en EMC Software NetWorker 7.x.x permite a atacantes remotos ejecutar código de su elección mediante (1) un sondeo o (2) una petición de terminación (kill) con un "subcmd inválido largo". These vulnerabilities allow remote attackers to execute arbitrary code on vulnerable installations of EMC Networker. Authentication is not required to exploit this vulnerability. The specific flaws exist in the Networker Remote Exec Service, nsrexecd.exe. The location of this service is available by querying the SUNRPC portmapper on TCP port 111 for service #0x5f3e1, version 1. • http://osvdb.org/39744 http://secunia.com/advisories/26517 http://securityreason.com/securityalert/3043 http://www.securityfocus.com/archive/1/477172/100/0/threaded http://www.securityfocus.com/bid/25375 http://www.securitytracker.com/id?1018590 http://www.vupen.com/english/advisories/2007/2931 http://www.zerodayinitiative.com/advisories/ZDI-07-049.html https://exchange.xforce.ibmcloud.com/vulnerabilities/36123 •

CVSS: 10.0EPSS: 6%CPEs: 1EXPL: 0

The Management Console server in EMC NetWorker (formerly Legato NetWorker) 7.3.2 before Jumbo Update 1 uses weak authentication, which allows remote attackers to execute arbitrary commands. El servidor de la consola de administración del EMC NetWorker (antiguamente el Legato NetWorker) 7.3.2 anterior a la actualización 1 del Jumbo, utiliza una autenticación débil, lo que permite a atacantes remotos ejecutar comandos de su elección. • ftp://ftp.legato.com/pub/NetWorker/Updates/732JumboUpdate1/README%20732%20Jumbo%20Update%201.txt http://osvdb.org/33853 http://secunia.com/advisories/24362 http://www.kb.cert.org/vuls/id/498553 http://www.kb.cert.org/vuls/id/MIMG-6VMLWA http://www.securityfocus.com/bid/22789 http://www.securitytracker.com/id?1017724 http://www.vupen.com/english/advisories/2007/0816 •