CVSS: 10.0EPSS: 6%CPEs: 1EXPL: 0CVE-2006-3892
https://notcve.org/view.php?id=CVE-2006-3892
The Management Console server in EMC NetWorker (formerly Legato NetWorker) 7.3.2 before Jumbo Update 1 uses weak authentication, which allows remote attackers to execute arbitrary commands. El servidor de la consola de administración del EMC NetWorker (antiguamente el Legato NetWorker) 7.3.2 anterior a la actualización 1 del Jumbo, utiliza una autenticación débil, lo que permite a atacantes remotos ejecutar comandos de su elección. • ftp://ftp.legato.com/pub/NetWorker/Updates/732JumboUpdate1/README%20732%20Jumbo%20Update%201.txt http://osvdb.org/33853 http://secunia.com/advisories/24362 http://www.kb.cert.org/vuls/id/498553 http://www.kb.cert.org/vuls/id/MIMG-6VMLWA http://www.securityfocus.com/bid/22789 http://www.securitytracker.com/id?1017724 http://www.vupen.com/english/advisories/2007/0816 •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2002-0113
https://notcve.org/view.php?id=CVE-2002-0113
EMC NetWorker (formerly Legato NetWorker) before 7.0 stores log files in the /nsr/logs/ directory with world-readable permissions, which allows local users to read sensitive information and possibly gain privileges. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform. Legato Networker 6.1 almacena ficheros de registro en el directorio /nsr/logs/ con permisos de lectura para todos los usuarios, lo que permite a usuarios locales leer información sensible y posiblemente ganar privilegios. • http://online.securityfocus.com/archive/1/249420 http://www.iss.net/security_center/static/7897.php http://www.securityfocus.com/bid/3840 •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0CVE-2002-0114
https://notcve.org/view.php?id=CVE-2002-0114
EMC NetWorker (formerly Legato NetWorker) before 7.0 stores passwords in plaintext in the daemon.log file, which allows local users to gain privileges by reading the password from the file. NOTE: this was originally reported for Legato NetWorker 6.1 on the Solaris 7 platform. Legato NetWorker 6.1 almacena passwords en texto plano en el fichero daemon.log que permite a usuarios locales tomar privilegios leyendo las passwords del fichero. • http://online.securityfocus.com/archive/1/249420 http://www.iss.net/security_center/static/7898.php http://www.securityfocus.com/bid/3842 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2001-0910
https://notcve.org/view.php?id=CVE-2001-0910
Legato Networker before 6.1 allows remote attackers to bypass access restrictions and gain privileges on the Networker interface by spoofing the admin server name and IP address and connecting to Networker from an IP address whose hostname can not be determined by a DNS reverse lookup. • http://marc.info/?l=bugtraq&m=100638782917917&w=2 http://www.securityfocus.com/bid/3564 https://exchange.xforce.ibmcloud.com/vulnerabilities/7601 •