CVE-2012-2288 – EMC NetWorker - Format String
https://notcve.org/view.php?id=CVE-2012-2288
Format string vulnerability in the nsrd RPC service in EMC NetWorker 7.6.3 and 7.6.4 before 7.6.4.1, and 8.0 before 8.0.0.1, allows remote attackers to execute arbitrary code via format string specifiers in a message. Vulnerabilidad de formato de cadena en el servicio nsrd RPC en EMC NetWorker v7.6.3 y v7.6.4 anterior a v7.6.4.1, y v8.0 anterior a v8.0.0.1, permite a atacantes remotos ejecutar código arbitrario a través de especificadores de formato de cadena en un mensaje. • https://www.exploit-db.com/exploits/22525 http://archives.neohapsis.com/archives/bugtraq/2012-08/0219.html http://www.securityfocus.com/bid/55330 http://www.securitytracker.com/id?1027459 • CWE-134: Use of Externally-Controlled Format String •
CVE-2012-0395 – EMC Networker indexd.exe Opcode 0x01 Parsing Remote Code Execution
https://notcve.org/view.php?id=CVE-2012-0395
Buffer overflow in the server in EMC NetWorker 7.5.x and 7.6.x before 7.6.3 SP1 Cumulative Release build 851 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via unspecified vectors. Desbordamiento de búfer en el servidor en EMC NetWorker v7.5.x y v7.6.x anterior a v7.6.3 SP1 Cumulative Release 851 permite a atacantes remotos provocar una denegación de servicio (caída del demonio) o posiblemente ejecutar código arbitrario a través de vectores no especificados. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Networker. Authentication is not required to exploit this vulnerability. The specific flaw exists within the way the indexd.exe handles rpc calls with opcode 0x1 for program 0x0005F3D9. While processing this message a user supplied string is copied into a fixed size stack buffer. • http://www.securityfocus.com/archive/1/521374 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2011-1421
https://notcve.org/view.php?id=CVE-2011-1421
EMC NetWorker 7.5.x before 7.5.4.3 and 7.6.x before 7.6.1.5, when the client push feature is enabled, uses weak permissions for an unspecified file, which allows local users to gain privileges via unknown vectors. EMC NetWorker v7.5.x anterior a v7.5.4.3 y v7.6.x anterior a v7.6.1.5, cuando la función Client Push cliente está habilitada, utiliza permisos débiles para un archivo no especificado, lo que permite a usuarios locales conseguir privilegios a través de vectores desconocidos. • http://secunia.com/advisories/44237 http://securityreason.com/securityalert/8214 http://securitytracker.com/id?1025383 http://www.securityfocus.com/archive/1/517532/100/0/threaded http://www.securityfocus.com/bid/47410 http://www.vupen.com/english/advisories/2011/1025 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2011-0647 – EMC Replication Manager Client irccd.exe Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0647
The irccd.exe service in EMC Replication Manager Client before 5.3 and NetWorker Module for Microsoft Applications 2.1.x and 2.2.x allows remote attackers to execute arbitrary commands via the RunProgram function to TCP port 6542. El servicio irccd.exe en EMC Replication Manager Client anterior de v5.3 y NetWorker Module para Microsoft Applications v2.1.x y v2.2.x permite a atacantes remotos ejecutar comandos de su elección a través de la función RunProgram al puerto TCP 6542. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the EMC Replication Manager Client. Authentication is not required to exploit this vulnerability. The Replication Manager client installs a service binds the irccd.exe process to TCP port 6542. This service accepts commands using an XML-based protocol. • https://www.exploit-db.com/exploits/41704 http://osvdb.org/70853 http://secunia.com/advisories/43164 http://www.securityfocus.com/archive/1/516260 http://www.securityfocus.com/archive/1/516282/100/0/threaded http://www.securityfocus.com/bid/46235 http://www.vupen.com/english/advisories/2011/0304 http://www.zerodayinitiative.com/advisories/ZDI-11-061 https://exchange.xforce.ibmcloud.com/vulnerabilities/65205 • CWE-20: Improper Input Validation •
CVE-2011-0321 – Multiple Vendor librpc.dll Remote Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2011-0321
librpc.dll in nsrexecd in EMC NetWorker before 7.5 SP4, 7.5.3.x before 7.5.3.5, and 7.6.x before 7.6.1.2 does not properly mitigate the possibility of a spoofed localhost source IP address, which allows remote attackers to (1) register or (2) unregister RPC services, and consequently cause a denial of service or obtain sensitive information from interprocess communication, via crafted UDP packets containing service commands. librpc.dll en nsrexecd de EMC NetWorker en versiones anteriores a 7.5 SP4, 7.5.3.x anteriores a 7.5.3.5, y 7.6.x anteriores a 7.6.1.2 no mitiga apropiadamente la posibilidad de suplantar una dirección IP de fuente localhost, lo que permite a atacantes remotos (1) registrar o (2) desregistrar servicios RPC, y consecuentemente provocar una denegación de servicio u obtener información confidencial de comunicación entre procesos ("interprocess communication") a través de paquetes UDP modificados que contengan comandos de servicio. This vulnerability allows remote attackers to register RPC services on vulnerable installations of EMC Legato Networker and IBM Informix Dynamic Server. Authentication is not required to exploit this vulnerability. The flaw exists within the librpc.dll component which listens by default on UDP port 111. When handling the pmap_set request the process verifies the source address is "127.0.0.1". This communication is via UDP and a valid source address is not required, a udp packet from source address "127.0.0.1" can be created sent to this service allowing a remote attacker to register and unregister RPC services. • http://archives.neohapsis.com/archives/bugtraq/2011-01/0162.html http://archives.neohapsis.com/archives/bugtraq/2011-01/att-0162/ESA-2011-003.txt http://secunia.com/advisories/43113 http://securitytracker.com/id?1025010 http://www.osvdb.org/70686 http://www.securityfocus.com/bid/46044 http://www.vupen.com/english/advisories/2011/0241 https://exchange.xforce.ibmcloud.com/vulnerabilities/64997 • CWE-264: Permissions, Privileges, and Access Controls •